CVE-2019-5452

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2019-5452

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-5452.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2019-5452

Published

2019-07-30T21:15:11.773Z

Modified

2026-04-10T04:19:28.452749Z

Severity

2.4 (Low) CVSS_V3 - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator

Summary

[none]

Details

Bypass lock protection in the Nextcloud Android app prior to version 3.6.2 causes leaking of thumbnails when requesting the Android content provider although the lock protection was not solved.

References

https://hackerone.com/reports/534541

Affected packages

Git / github.com/nextcloud/android

Affected ranges

Type

GIT

Repo

https://github.com/nextcloud/android

Events

Introduced

Fixed

305db4b82de8a5cb247cdd6bfa189e2a59b54ac5

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "3.6.2"
        }
    ]
}

Affected versions

0.*

0.99

1.*

1.0.0

1.4.6-easy-setup

Other

dev-20171209

dev-20171211

dev-20171212

dev-20171213

dev-20180809

dev-20180811

dev-20180821

dev-20180823

dev-20180824

dev-20180825

dev-20180829

dev-20180903

dev-20180905

dev-20180907

dev-20180908

dev-20180911

dev-20180912

dev-20180913

dev-20180914

dev-20180915

dev-20180918

dev-20180919

dev-20180920

dev-20180921

dev-20180924

dev-20180925

dev-20180926

dev-20180927

dev-20181006

dev-20181009

dev-20181013

dev-20181016

dev-20181018

dev-20181020

dev-20181023

dev-20181024

dev-20181025

dev-20181026

dev-20181027

dev-20181028

dev-20181030

dev-20181031

dev-20181101

dev-20181102

dev-20181103

dev-20181106

dev-20181107

dev-20181203

dev-20181204

dev-20181206

dev-20181207

dev-20181208

dev-20181211

dev-20181212

dev-20181214

dev-20181215

dev-20181216

dev-20181218

dev-20181222

dev-20190105

dev-20190108

dev-20190112

dev-20190113

dev-20190115

dev-20190116

dev-20190117

dev-20190118

dev-20190119

dev-20190122

dev-20190123

dev-20190126

dev-20190129

dev-20190130

dev-20190131

dev-20190201

dev-20190202

dev-20190205

dev-20190206

dev-20190207

dev-20190208

dev-20190209

dev-20190212

dev-20190213

dev-20190214

dev-20190215

dev-20190216

dev-20190219

dev-20190220

dev-20190221

dev-20190226

dev-20190227

dev-20190228

dev-20190301

dev-20190305

dev-20190306

dev-20190307

dev-20190308

dev-20190309

dev-20190310

dev-20190312

dev-20190313

dev-20190314

dev-20190316

dev-20190319

dev-20190320

dev-20190321

dev-20190323

dev-20190327

oc-android-1-3-13

oc-android-1-3-14

oc-android-1-3-17

oc-android-1-3-18

oc-android-1-3-19

oc-android-1-3-20

oc-android-1-4-0

oc-android-1.*

oc-android-1.4.3

oc-android-1.4.4

oc-android-1.4.5

oc-android-1.4.6

oc-android-1.5.3

oc-android-1.7.0

oc-android-1.7.0_signed

oc-android-1.7.1_signed

oc-android-1.8

rc-1.*

rc-1.1.0-01

rc-1.1.0-02

rc-1.2.0-01

rc-1.2.0-02

rc-1.3.0-01

rc-1.3.0-02

rc-1.4.0-01

rc-1.4.0-02

rc-1.4.0-03

rc-1.4.0-04

rc-1.4.1-01

rc-1.4.1-02

rc-1.4.1-03

rc-1.4.1-04

rc-1.4.2-01

rc-1.4.2-02

rc-1.4.2-04

rc-2.*

rc-2.0.0-01

rc-2.0.0-03

rc-2.0.0-04

rc-2.0.0-05

rc-2.0.0-06

rc-2.0.0-07

rc-2.0.0-08

rc-2.0.0-09

rc-3.*

rc-3.0.0-01

rc-3.0.0-02

rc-3.0.0-03

rc-3.1.0-01

rc-3.1.0-02

rc-3.6.0-01

rc-3.6.0-02

rc-3.6.0-03

rc-3.6.1-01

rc-3.6.1-02

rc-3.6.2-01

stable-1.*

stable-1.0.0

stable-1.0.1

stable-1.1.0

stable-1.2.0

stable-1.3.0

stable-1.3.1

stable-1.4.0

stable-1.4.1

stable-1.4.2

stable-1.4.3

stable-2.*

stable-2.0.0

stable-3.*

stable-3.6.0

stable-3.6.1

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-5452.json"