CVE-2024-46958

Source
https://cve.org/CVERecord?id=CVE-2024-46958
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-46958.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-46958
Downstream
Published
2024-09-16T00:00:00Z
Modified
2026-07-15T01:48:56.851006432Z
Severity
  • 9.1 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N CVSS Calculator
Summary
[none]
Details

In Nextcloud Desktop Client 3.13.1 through 3.13.3 on Linux, synchronized files (between the server and client) may become world writable or world readable. This is fixed in 3.13.4.

Database specific
{
    "cna_assigner": "mitre",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/46xxx/CVE-2024-46958.json"
}
References

Affected packages

Git / github.com/nextcloud/desktop

Affected ranges

Type
GIT
Repo
https://github.com/nextcloud/desktop
Events
Database specific
{
    "source": "DESCRIPTION",
    "extracted_events": [
        {
            "introduced": "3.13.1"
        },
        {
            "fixed": "3.13.3"
        }
    ]
}

Affected versions

v3.*
v3.13.1
v3.13.2

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-46958.json"