CVE-2024-46958

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-46958
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-46958.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-46958
Downstream
Published
2024-09-16T02:15:01.803Z
Modified
2025-11-20T12:28:32.668703Z
Severity
  • 9.1 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N CVSS Calculator
Summary
[none]
Details

In Nextcloud Desktop Client 3.13.1 through 3.13.3 on Linux, synchronized files (between the server and client) may become world writable or world readable. This is fixed in 3.13.4.

References

Affected packages

Git / github.com/nextcloud/desktop

Affected ranges

Type
GIT
Repo
https://github.com/nextcloud/desktop
Events
Introduced
d8d7b037d14eb29eac2f9d61844e0a7fcf24e36c
Fixed
c440d7b25b2d8c7d3c39c82d434ad49752199dc5

Affected versions

v3.*

v3.13.1
v3.13.2
v3.13.3

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-46958.json"