CVE-2024-52509

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-52509

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-52509.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-52509

Aliases

GHSA-pwpp-fvcr-w862

Published

2024-11-15T18:15:29Z

Modified

2024-11-18T17:46:39.519332Z

Summary

[none]

Details

Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. The Nextcloud mail app incorrectly allowed attaching shared files without download permissions as attachments. This allowed users to send them the files to themselves and then downloading it from their mail clients. It is recommended that the Nextcloud Mail is upgraded to 2.2.10, 3.6.2 or 3.7.2.

References

Affected packages

Git / github.com/nextcloud/mail

Affected ranges

Type: GIT
Repo: https://github.com/nextcloud/mail
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

8d44f1ce44684022aa4e62a3e0462fdadcde6c8b

Affected versions

1.*

1.10.0-alpha.7

1.6.2

Other

nighly-20170831

nightly-20161202

nightly-20161208

nightly-20161218

nightly-20170117

nightly-20170612

nightly-20170823

nightly-20170831

nightly-20170906

nightly-20170913

nightly-20171127

nightly-20171212

nightly-20180410

nightly-20200115

nightly-20200423

nightly-20200427

nightly-20200506

nightly-20200513

untagged-bd8a3cab1eb0022ec683

v0.*

v0.1.0

v0.1.3

v0.10.0

v0.10.0-beta1

v0.10.0-rc1

v0.11.0

v0.11.0-beta1

v0.12.0

v0.12.0-RC1

v0.12.0-RC2

v0.12.0-RC3

v0.12.0-alpha-4

v0.12.0-alpha-5

v0.12.0-alpha1

v0.12.0-alpha2

v0.12.0-alpha3

v0.12.0-beta1

v0.12.0-beta2

v0.12.0-beta3

v0.12.0-beta4

v0.12.0-beta5

v0.13.0

v0.14.0

v0.15.0

v0.15.1

v0.15.2

v0.15.3

v0.15.4

v0.15.5

v0.16.0

v0.17.0

v0.18.0

v0.18.0-RC1

v0.18.1

v0.19.0

v0.19.1

v0.2.0

v0.20.0

v0.20.1

v0.20.2

v0.20.3

v0.21.0

v0.21.1

v0.3.0

v0.4.0

v0.4.1

v0.4.2

v0.4.3

v0.4.4

v0.5.0

v0.5.1

v0.5.2

v0.6.2

v0.7.0

v0.7.1

v0.7.10

v0.7.2

v0.7.3

v0.7.4

v0.7.5

v0.7.6

v0.7.7

v0.7.8

v0.7.9

v0.8.0

v0.8.0-alpha1

v0.8.0-beta1

v0.8.1

v0.8.2

v0.8.2-alpha2

v0.8.2-alpha3

v0.8.3

v0.8.3-alpha1

v0.9.0

v0.9.0-beta1

v0.9.0-beta2

v0.9.0-beta3

v0.9.0-rc1

v1.*

v1.0.0

v1.1.0

v1.1.1

v1.1.2

v1.10.0-RC.1

v1.10.0-alpha.4

v1.10.0-alpha.6

v1.10.0-alpha.7

v1.11.0

v1.11.0-rc1

v1.12.0-rc.1

v1.13.0-beta1

v1.13.0-beta3

v1.14.0-alpha4

v1.14.0-beta1

v1.3.0

v1.3.0-RC1

v1.3.0-beta1

v1.3.0-beta2

v1.3.0-beta3

v1.3.1

v1.3.2

v1.3.3

v1.4.0-beta1

v1.4.0-beta2

v1.4.0-rc1

v1.5.0

v1.5.0-alpha3

v1.5.0-beta1

v1.5.0-beta2

v1.5.0-beta3

v1.5.0-rc1

v1.5.0-rc2

v1.6.0

v1.7.0

v1.8.0

v1.9.0

v1.9.0-alpha2

v1.9.0-alpha3

v2.*

v2.0.0-RC1

v2.0.0-beta.5

v2.0.0-beta.6

v2.0.0-beta.7

v2.0.0-beta1

v2.0.0-beta3

v2.0.0-beta4

v2.1.0-rc1

v2.3.0-alpha.4

v3.*

v3.0.0-alpha.1

v3.0.0-beta.2

v3.2.0-alpha.1

v3.2.0-alpha.2

v3.2.0-beta.1

v3.2.0-beta.2

v3.2.0-rc.1

v3.3.0-alpha.1

v3.4.0-alpha.3

v3.4.0-beta.1

v3.4.0-beta.2

v3.4.0-beta.3

v3.4.0-beta.4

v3.4.0-rc.1

v3.5.0-beta1

v3.5.0-beta2

v3.5.0-beta3

v3.6.0-beta1

v3.6.0-beta2

v3.6.0-beta3