CVE-2021-32658

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2021-32658
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-32658.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-32658
Related
  • GHSA-g5gf-rmhm-wpxw
Published
2021-06-08T19:15:08.377Z
Modified
2026-04-11T17:25:53.350008Z
Severity
  • 4.6 (Medium) CVSS_V3 - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

Nextcloud Android is the Android client for the Nextcloud open source home cloud system. Due to a timeout issue the Android client may not properly clean all sensitive data on account removal. This could include sensitive key material such as the End-to-End encryption keys. It is recommended that the Nextcloud Android App is upgraded to 3.16.1

References

Affected packages

Git / github.com/nextcloud/android

Affected ranges

Type
GIT
Repo
https://github.com/nextcloud/android
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
5b68a3a475acd0378f91f44dd5eedd79a454b952
Fixed
355f3c745b464b741b20a3b96597303490c26333
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "3.16.1"
        }
    ]
}

Affected versions

0.*
0.99
1.*
1.0.0
1.4.6-easy-setup
Other
dev-20171209
dev-20171211
dev-20171212
dev-20171213
dev-20180809
dev-20180811
dev-20180821
dev-20180823
dev-20180824
dev-20180825
dev-20180829
dev-20180903
dev-20180905
dev-20180907
dev-20180908
dev-20180911
dev-20180912
dev-20180913
dev-20180914
dev-20180915
dev-20180918
dev-20180919
dev-20180920
dev-20180921
dev-20180924
dev-20180925
dev-20180926
dev-20180927
dev-20181006
dev-20181009
dev-20181013
dev-20181016
dev-20181018
dev-20181020
dev-20181023
dev-20181024
dev-20181025
dev-20181026
dev-20181027
dev-20181028
dev-20181030
dev-20181031
dev-20181101
dev-20181102
dev-20181103
dev-20181106
dev-20181107
dev-20181203
dev-20181204
dev-20181206
dev-20181207
dev-20181208
dev-20181211
dev-20181212
dev-20181214
dev-20181215
dev-20181216
dev-20181218
dev-20181222
dev-20190105
dev-20190108
dev-20190112
dev-20190113
dev-20190115
dev-20190116
dev-20190117
dev-20190118
dev-20190119
dev-20190122
dev-20190123
dev-20190126
dev-20190129
dev-20190130
dev-20190131
dev-20190201
dev-20190202
dev-20190205
dev-20190206
dev-20190207
dev-20190208
dev-20190209
dev-20190212
dev-20190213
dev-20190214
dev-20190215
dev-20190216
dev-20190219
dev-20190220
dev-20190221
dev-20190226
dev-20190227
dev-20190228
dev-20190301
dev-20190305
dev-20190306
dev-20190307
dev-20190308
dev-20190309
dev-20190310
dev-20190312
dev-20190313
dev-20190314
dev-20190316
dev-20190319
dev-20190320
dev-20190321
dev-20190323
dev-20190327
dev-20190328
dev-20190329
dev-20190402
dev-20190403
dev-20190404
dev-20190406
dev-20190408
dev-20190409
dev-20190410
dev-20190411
dev-20190412
dev-20190413
dev-20190414
dev-20190502
dev-20190513
dev-20190514
dev-20190515
dev-20190517
dev-20190518
dev-20190520
dev-20190521
dev-20190522
dev-20190523
dev-20190524
dev-20190528
dev-20190529
dev-20190530
dev-20190531
dev-20190601
dev-20190604
dev-20190605
dev-20190612
dev-20190613
dev-20190615
dev-20190619
dev-20190621
dev-20190622
dev-20190625
dev-20190627
dev-20190629
dev-20190701
dev-20190702
dev-20190703
dev-20190704
dev-20190705
dev-20190710
dev-20190711
dev-20190713
dev-20190716
dev-20190717
dev-20190720
dev-20190723
dev-20190724
dev-20190726
dev-20190727
dev-20190730
dev-20190731
dev-20190802
dev-20190803
dev-20190806
dev-20190808
dev-20190809
dev-20190810
dev-20190813
dev-20190815
dev-20190816
dev-20190817
dev-20190820
dev-20190821
dev-20190822
dev-20190823
dev-20190824
dev-20190827
dev-20190828
dev-20190829
dev-20190903
dev-20190904
dev-20190905
dev-20190906
dev-20190910
dev-20190911
dev-20190913
dev-20190914
dev-20190921
dev-20190924
dev-20190926
dev-20190928
dev-20191002
dev-20191003
dev-20191005
dev-20191008
dev-20191009
dev-20191010
dev-20191011
dev-20191012
dev-20191016
dev-20191017
dev-20191018
dev-20191019
dev-20191022
dev-20191024
dev-20191025
dev-20191026
dev-20191029
dev-20191030
dev-20191031
dev-20191101
dev-20191102
dev-20191106
dev-20191107
dev-20191108
dev-20191113
dev-20191114
dev-20191116
dev-20191119
dev-20191120
dev-20191121
dev-20191123
dev-20191127
dev-20191129
dev-20191203
dev-20191204
dev-20191205
dev-20191206
dev-20191207
dev-20191211
dev-20191213
dev-20191214
dev-20191217
dev-20191218
dev-20191219
dev-20191220
dev-20191221
dev-20200107
dev-20200108
dev-20200109
dev-20200110
dev-20200112
dev-20200115
dev-20200117
dev-20200118
dev-20200121
dev-20200122
dev-20200125
dev-20200128
dev-20200129
oc-android-1-3-13
oc-android-1-3-14
oc-android-1-3-17
oc-android-1-3-18
oc-android-1-3-19
oc-android-1-3-20
oc-android-1-4-0
oc-android-1.*
oc-android-1.4.3
oc-android-1.4.4
oc-android-1.4.5
oc-android-1.4.6
oc-android-1.5.3
oc-android-1.7.0
oc-android-1.7.0_signed
oc-android-1.7.1_signed
oc-android-1.8
rc-1.*
rc-1.1.0-01
rc-1.1.0-02
rc-1.2.0-01
rc-1.2.0-02
rc-1.3.0-01
rc-1.3.0-02
rc-1.4.0-01
rc-1.4.0-02
rc-1.4.0-03
rc-1.4.0-04
rc-1.4.1-01
rc-1.4.1-02
rc-1.4.1-03
rc-1.4.1-04
rc-1.4.2-01
rc-1.4.2-02
rc-1.4.2-04
rc-2.*
rc-2.0.0-01
rc-2.0.0-03
rc-2.0.0-04
rc-2.0.0-05
rc-2.0.0-06
rc-2.0.0-07
rc-2.0.0-08
rc-2.0.0-09
rc-3.*
rc-3.0.0-01
rc-3.0.0-02
rc-3.0.0-03
rc-3.1.0-01
rc-3.1.0-02
rc-3.16.0-01
rc-3.16.0-02
rc-3.16.1-01
rc-3.6.0-01
stable-1.*
stable-1.0.0
stable-1.0.1
stable-1.1.0
stable-1.2.0
stable-1.3.0
stable-1.3.1
stable-1.4.0
stable-1.4.1
stable-1.4.2
stable-1.4.3
stable-2.*
stable-2.0.0
stable-3.*
stable-3.16.0

Database specific

vanir_signatures_modified 
"2026-04-11T17:25:53Z"
vanir_signatures 
[
    {
        "signature_type": "Function",
        "id": "CVE-2021-32658-02da77d0",
        "digest": {
            "function_hash": "204074037388779280763450898895248817851",
            "length": 2358.0
        },
        "source": "https://github.com/nextcloud/android/commit/355f3c745b464b741b20a3b96597303490c26333",
        "signature_version": "v1",
        "target": {
            "function": "onShow",
            "file": "src/main/java/com/owncloud/android/ui/dialog/SetupEncryptionDialogFragment.java"
        },
        "deprecated": false
    },
    {
        "signature_type": "Line",
        "id": "CVE-2021-32658-0803d86c",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "187228872876105348036970258530191140453",
                "334574834211272699017174966348165351805",
                "265633840322947791086459243648463926270",
                "194393095113473704750056911003475155917",
                "318227661396509153018103162566783730728",
                "276242121823470279180546149186572731266"
            ]
        },
        "source": "https://github.com/nextcloud/android/commit/355f3c745b464b741b20a3b96597303490c26333",
        "signature_version": "v1",
        "target": {
            "file": "src/androidTest/java/com/owncloud/android/util/EncryptionTestIT.java"
        },
        "deprecated": false
    },
    {
        "signature_type": "Line",
        "id": "CVE-2021-32658-9a14ab98",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "244354890822681210340708690372476696216",
                "276175414959636470934100714440262568006",
                "270400207281040229207731533172221799571",
                "283016320702720658321535024877125321253",
                "252182610927001997982342675021192789854",
                "49990051135529676913333977221101261234",
                "35846233045639326006550518321390833185",
                "99370553752790220633521166182452143193",
                "19760939333898780074823811886881491450",
                "326044477257720045345069399434529145025",
                "144832760916861151637757728659479166444",
                "159134019731081907958418847340629525614",
                "65903818700669486635972947098166822889",
                "152421207822351688710006219832677963396",
                "318592074659712864545570398672427433054",
                "19655283731221524543373420016834426384",
                "128450659928022079911455104276321034394",
                "14047099173889929277980255550449628321",
                "152819290237229156072148499944965142571",
                "314044462896887897040338554867502794985",
                "238427648856996349705978235619622898175",
                "131294009652155117594029678758280393229",
                "259639771153797408274850902463573606721",
                "117894929845208657074642191412142851666",
                "69603510908865639998773868169712859513",
                "221953092495114475234925221949452369963",
                "179136598032103585096285304193398107359",
                "335766460096705856275229625178856732949"
            ]
        },
        "source": "https://github.com/nextcloud/android/commit/355f3c745b464b741b20a3b96597303490c26333",
        "signature_version": "v1",
        "target": {
            "file": "src/main/java/com/owncloud/android/ui/dialog/SetupEncryptionDialogFragment.java"
        },
        "deprecated": false
    },
    {
        "signature_type": "Function",
        "id": "CVE-2021-32658-f239a1b5",
        "digest": {
            "function_hash": "250343245634420227883648114532362506038",
            "length": 1858.0
        },
        "source": "https://github.com/nextcloud/android/commit/355f3c745b464b741b20a3b96597303490c26333",
        "signature_version": "v1",
        "target": {
            "function": "onClick",
            "file": "src/main/java/com/owncloud/android/ui/dialog/SetupEncryptionDialogFragment.java"
        },
        "deprecated": false
    },
    {
        "signature_type": "Function",
        "id": "CVE-2021-32658-f9377250",
        "digest": {
            "function_hash": "281354828577392710637449536751707036637",
            "length": 2799.0
        },
        "source": "https://github.com/nextcloud/android/commit/355f3c745b464b741b20a3b96597303490c26333",
        "signature_version": "v1",
        "target": {
            "function": "createDialog",
            "file": "src/main/java/com/owncloud/android/ui/dialog/SetupEncryptionDialogFragment.java"
        },
        "deprecated": false
    }
]
source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-32658.json"