CVE-2022-41926
- Source
- https://cve.org/CVERecord?id=CVE-2022-41926
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-41926.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2022-41926
- Aliases
-
- GHSA-564v-3rfc-352m
- Published
- 2022-11-25T00:00:00Z
- Modified
- 2026-04-10T04:51:34.159858Z
- Severity
-
- 3.3 (Low) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N CVSS Calculator
- Summary
- Nextcloud Talk Android broadcast incorrect permission handling
- Details
-
Nextcould talk android is the android OS implementation of the nextcloud talk chat system. In affected versions the receiver is not protected by broadcastPermission allowing malicious apps to monitor communication. It is recommended that the Nextcloud Talk Android is upgraded to 14.1.0. There are no known workarounds for this issue.
- Database specific
{ "cna_assigner": "GitHub_M", "cwe_ids": [ "CWE-200", "CWE-732" ], "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/41xxx/CVE-2022-41926.json" }- References
-
- https://hackerone.com/reports/1596459
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/41xxx/CVE-2022-41926.json
- https://github.com/nextcloud/security-advisories/security/advisories/GHSA-564v-3rfc-352m
- https://nvd.nist.gov/vuln/detail/CVE-2022-41926
- https://github.com/nextcloud/talk-android/pull/2148
Affected packages
Git / github.com/nextcloud/talk-android
Affected ranges
- Type
- GIT
- Repo
- https://github.com/nextcloud/talk-android
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
Other
alpha-
alpha-110000002
alpha-110000004
alpha-110000005
alpha-110000006
alpha-120000002
alpha-120000003
alpha-120000004
alpha-120000005
alpha-120000006
alpha-120000007
alpha-120000008
alpha-120000013
alpha-120000014
alpha-120000015
alpha-120000016
alpha-120020002
alpha-120020003
alpha-120020004
alpha-120020005
alpha-120020006
alpha-120020007
alpha-120030002
alpha-120030003
alpha-120030004
alpha-120030005
alpha-120030006
alpha-120030007
alpha-120030008
alpha-120030009
alpha-120030010
alpha-120030011
alpha-120030012
alpha-120030013
alpha-120030014
alpha-130000002
alpha-130010002
alpha-130010003
alpha-130010004
alpha-130010005
alpha-130010006
alpha-130010007
alpha-130010008
alpha-130010009
alpha-130010010
alpha-130010011
alpha-130010012
alpha-130010013
alpha-130010014
alpha-130010015
alpha-130010016
alpha-130010017
alpha-130010018
alpha-140010002
alpha-140010003
alpha-140010004
alpha-140010005
alpha-140010006
alpha-140010007
alpha-140010008
alpha-140010009
alpha-140010010
v0.*
v0.1.0
v0.1.1
v0.1.2
v0.2.0
v1.*
v1.0
v1.0.1
v1.0.10
v1.0.11
v1.0.12
v1.0.13
v1.0.14
v1.0.2
v1.0.3
v1.0.4
v1.0.5
v1.0.6
v1.0.7
v1.0.8
v1.0.9
v1.1.0
v1.1.0beta1
v1.1.0beta2
v1.1.0beta3
v1.1.0beta4
v1.1.1
v1.2.0beta1
v1.2.0beta2
v1.2.0beta3
v11.*
v11.0.0
v14.*
v14.1.0rc1
v14.1.0rc2
v2.*
v2.0.0
v2.0.0beta4
v2.0.0beta5
v2.1.0
v2.1.0beta1
v2.1.0beta2
v2.1.0beta3
v2.1.0beta4
v2.1.0beta5
v3.*
v3.0.0
v3.0.0beta1
v3.0.0beta10
v3.0.0beta3
v3.0.0beta4
v3.0.0beta5
v3.0.0beta6
v3.0.0beta7
v3.0.0beta8
v3.0.1
v3.1.0
v3.1.0beta1
v3.1.0beta2
v3.1.0beta3
v3.1.0beta4
v3.1.0beta5
v3.1.0beta6
v3.2.0beta1
v3.2.0beta2
v3.2.0beta3
v3.2.0beta4
v3.2.0beta5
v3.3.0beta1
v3.3.0beta2
v3.3.0beta3
v6.*
v6.0.0
v6.0.0beta1
v6.0.0beta2
v6.0.0beta3
v6.0.0beta4
v6.0.1
v6.0.2
v6.0.6-internal
v6.0.6internal
v6.0.7beta
v6.1.0
v7.*
v7.0.0
v7.0.0beta1
v7.0.0beta2
v7.0.0beta3
v7.0.0beta4
v7.0.0beta5
v7.0.1
v7.0.2
v7.0.3
v7.0.4
v7.0.5
v7.0.6
v7.0.7
v7.0.8
v8.*
v8.0.0
v8.0.0beta1
v8.0.0beta2
v8.0.0beta3
v8.0.0beta4
v8.0.1
v8.0.10
v8.0.2
v8.0.3
v8.0.4
v8.0.5
v8.0.6
v8.0.7
v8.0.8
v8.0.9
v8.1.0
v8.1.0rc1
v8.2.0