Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
4 vulnerabilities found for com.nextcloud.client by Nextcloud
CVE-2019-5453 (GCVE-0-2019-5453)
Vulnerability from cvelistv5 – Published: 2019-07-30 20:30 – Updated: 2024-08-04 19:54
VLAI
Summary
Bypass lock protection in the Nextcloud Android app prior to version 3.3.0 allowed access to files when being prompted for the lock protection and switching to the Nextcloud file provider.
Severity
No CVSS data available.
CWE
- CWE-288 - Authentication Bypass Using an Alternate Path or Channel (CWE-288)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://hackerone.com/reports/331489 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Nextcloud | com.nextcloud.client |
Affected:
3.3.0
|
Date Public
2019-07-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:54:53.548Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hackerone.com/reports/331489"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "com.nextcloud.client",
"vendor": "Nextcloud",
"versions": [
{
"status": "affected",
"version": "3.3.0"
}
]
}
],
"datePublic": "2019-07-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Bypass lock protection in the Nextcloud Android app prior to version 3.3.0 allowed access to files when being prompted for the lock protection and switching to the Nextcloud file provider."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "Authentication Bypass Using an Alternate Path or Channel (CWE-288)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-07-30T20:30:50.000Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/331489"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2019-5453",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "com.nextcloud.client",
"version": {
"version_data": [
{
"version_value": "3.3.0"
}
]
}
}
]
},
"vendor_name": "Nextcloud"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Bypass lock protection in the Nextcloud Android app prior to version 3.3.0 allowed access to files when being prompted for the lock protection and switching to the Nextcloud file provider."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication Bypass Using an Alternate Path or Channel (CWE-288)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://hackerone.com/reports/331489",
"refsource": "MISC",
"url": "https://hackerone.com/reports/331489"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2019-5453",
"datePublished": "2019-07-30T20:30:50.000Z",
"dateReserved": "2019-01-04T00:00:00.000Z",
"dateUpdated": "2024-08-04T19:54:53.548Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-5455 (GCVE-0-2019-5455)
Vulnerability from cvelistv5 – Published: 2019-07-30 20:26 – Updated: 2024-08-04 19:54
VLAI
Summary
Bypassing lock protection exists in Nextcloud Android app 3.6.0 when creating a multi-account and aborting the process.
Severity
No CVSS data available.
CWE
- CWE-288 - Authentication Bypass Using an Alternate Path or Channel (CWE-288)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://hackerone.com/reports/490946 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Nextcloud | com.nextcloud.client |
Affected:
3.6.1
|
Date Public
2019-07-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:54:53.490Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hackerone.com/reports/490946"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "com.nextcloud.client",
"vendor": "Nextcloud",
"versions": [
{
"status": "affected",
"version": "3.6.1"
}
]
}
],
"datePublic": "2019-07-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Bypassing lock protection exists in Nextcloud Android app 3.6.0 when creating a multi-account and aborting the process."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "Authentication Bypass Using an Alternate Path or Channel (CWE-288)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-07-30T20:26:47.000Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/490946"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2019-5455",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "com.nextcloud.client",
"version": {
"version_data": [
{
"version_value": "3.6.1"
}
]
}
}
]
},
"vendor_name": "Nextcloud"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Bypassing lock protection exists in Nextcloud Android app 3.6.0 when creating a multi-account and aborting the process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication Bypass Using an Alternate Path or Channel (CWE-288)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://hackerone.com/reports/490946",
"refsource": "MISC",
"url": "https://hackerone.com/reports/490946"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2019-5455",
"datePublished": "2019-07-30T20:26:47.000Z",
"dateReserved": "2019-01-04T00:00:00.000Z",
"dateUpdated": "2024-08-04T19:54:53.490Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-5453 (GCVE-0-2019-5453)
Vulnerability from nvd – Published: 2019-07-30 20:30 – Updated: 2024-08-04 19:54
VLAI
Summary
Bypass lock protection in the Nextcloud Android app prior to version 3.3.0 allowed access to files when being prompted for the lock protection and switching to the Nextcloud file provider.
Severity
No CVSS data available.
CWE
- CWE-288 - Authentication Bypass Using an Alternate Path or Channel (CWE-288)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://hackerone.com/reports/331489 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Nextcloud | com.nextcloud.client |
Affected:
3.3.0
|
Date Public
2019-07-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:54:53.548Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hackerone.com/reports/331489"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "com.nextcloud.client",
"vendor": "Nextcloud",
"versions": [
{
"status": "affected",
"version": "3.3.0"
}
]
}
],
"datePublic": "2019-07-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Bypass lock protection in the Nextcloud Android app prior to version 3.3.0 allowed access to files when being prompted for the lock protection and switching to the Nextcloud file provider."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "Authentication Bypass Using an Alternate Path or Channel (CWE-288)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-07-30T20:30:50.000Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/331489"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2019-5453",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "com.nextcloud.client",
"version": {
"version_data": [
{
"version_value": "3.3.0"
}
]
}
}
]
},
"vendor_name": "Nextcloud"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Bypass lock protection in the Nextcloud Android app prior to version 3.3.0 allowed access to files when being prompted for the lock protection and switching to the Nextcloud file provider."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication Bypass Using an Alternate Path or Channel (CWE-288)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://hackerone.com/reports/331489",
"refsource": "MISC",
"url": "https://hackerone.com/reports/331489"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2019-5453",
"datePublished": "2019-07-30T20:30:50.000Z",
"dateReserved": "2019-01-04T00:00:00.000Z",
"dateUpdated": "2024-08-04T19:54:53.548Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-5455 (GCVE-0-2019-5455)
Vulnerability from nvd – Published: 2019-07-30 20:26 – Updated: 2024-08-04 19:54
VLAI
Summary
Bypassing lock protection exists in Nextcloud Android app 3.6.0 when creating a multi-account and aborting the process.
Severity
No CVSS data available.
CWE
- CWE-288 - Authentication Bypass Using an Alternate Path or Channel (CWE-288)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://hackerone.com/reports/490946 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Nextcloud | com.nextcloud.client |
Affected:
3.6.1
|
Date Public
2019-07-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:54:53.490Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hackerone.com/reports/490946"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "com.nextcloud.client",
"vendor": "Nextcloud",
"versions": [
{
"status": "affected",
"version": "3.6.1"
}
]
}
],
"datePublic": "2019-07-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Bypassing lock protection exists in Nextcloud Android app 3.6.0 when creating a multi-account and aborting the process."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-288",
"description": "Authentication Bypass Using an Alternate Path or Channel (CWE-288)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-07-30T20:26:47.000Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/490946"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2019-5455",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "com.nextcloud.client",
"version": {
"version_data": [
{
"version_value": "3.6.1"
}
]
}
}
]
},
"vendor_name": "Nextcloud"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Bypassing lock protection exists in Nextcloud Android app 3.6.0 when creating a multi-account and aborting the process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication Bypass Using an Alternate Path or Channel (CWE-288)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://hackerone.com/reports/490946",
"refsource": "MISC",
"url": "https://hackerone.com/reports/490946"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2019-5455",
"datePublished": "2019-07-30T20:26:47.000Z",
"dateReserved": "2019-01-04T00:00:00.000Z",
"dateUpdated": "2024-08-04T19:54:53.490Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}