CVE-2021-22912

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2021-22912

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-22912.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2021-22912

Related

GHSA-m7w4-cvjr-76mh

Published

2021-06-11T16:15:11.753Z

Modified

2026-04-10T04:30:14.968714Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

Nextcloud iOS before 3.4.2 suffers from an information disclosure vulnerability when searches for sharees utilize the lookup server by default instead of only on the local Nextcloud server unless a global search has been explicitly chosen by the user.

References

Affected packages

Git / github.com/nextcloud/android

Affected ranges

Type

GIT

Repo

https://github.com/nextcloud/android

Events

Introduced

Fixed

d98909c0d5c4a9495b583a4d32a8bb473fff209d

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "3.4.2"
        }
    ]
}

Affected versions

0.*

0.99

1.*

1.0.0

1.4.6-easy-setup

Other

dev-20171209

dev-20171211

dev-20171212

dev-20171213

dev-20180809

dev-20180811

dev-20180821

dev-20180823

dev-20180824

dev-20180825

dev-20180829

dev-20180903

dev-20180905

dev-20180907

dev-20180908

dev-20180911

dev-20180912

dev-20180913

dev-20180914

dev-20180915

dev-20180918

dev-20180919

dev-20180920

dev-20180921

dev-20180924

dev-20180925

dev-20180926

dev-20180927

dev-20181006

dev-20181009

dev-20181013

dev-20181016

dev-20181018

dev-20181020

dev-20181023

dev-20181024

dev-20181025

dev-20181026

dev-20181027

dev-20181028

dev-20181030

dev-20181031

dev-20181101

dev-20181102

dev-20181103

dev-20181106

dev-20181107

oc-android-1-3-13

oc-android-1-3-14

oc-android-1-3-17

oc-android-1-3-18

oc-android-1-3-19

oc-android-1-3-20

oc-android-1-4-0

oc-android-1.*

oc-android-1.4.3

oc-android-1.4.4

oc-android-1.4.5

oc-android-1.4.6

oc-android-1.5.3

oc-android-1.7.0

oc-android-1.7.0_signed

oc-android-1.7.1_signed

oc-android-1.8

rc-1.*

rc-1.1.0-01

rc-1.1.0-02

rc-1.2.0-01

rc-1.2.0-02

rc-1.3.0-01

rc-1.3.0-02

rc-1.4.0-01

rc-1.4.0-02

rc-1.4.0-03

rc-1.4.0-04

rc-1.4.1-01

rc-1.4.1-02

rc-1.4.1-03

rc-1.4.1-04

rc-1.4.2-01

rc-1.4.2-02

rc-1.4.2-04

rc-2.*

rc-2.0.0-01

rc-2.0.0-03

rc-2.0.0-04

rc-2.0.0-05

rc-2.0.0-06

rc-2.0.0-07

rc-2.0.0-08

rc-2.0.0-09

rc-3.*

rc-3.0.0-01

rc-3.0.0-02

rc-3.0.0-03

rc-3.1.0-01

rc-3.1.0-02

rc-3.4.0-01

rc-3.4.0-02

rc-3.4.0-03

rc-3.4.1-02

rc-3.4.2-01

rc-3.4.2-02

stable-1.*

stable-1.0.0

stable-1.0.1

stable-1.1.0

stable-1.2.0

stable-1.3.0

stable-1.3.1

stable-1.4.0

stable-1.4.1

stable-1.4.2

stable-1.4.3

stable-2.*

stable-2.0.0

stable-3.*

stable-3.4.0

stable-3.4.1

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-22912.json"