CVE-2020-8224
published 2020-08-10CVE-2020-8224: A code injection in Nextcloud Desktop Client 2.6.4 allowed to load arbitrary code when placing a malicious OpenSSL config into a fixed directory.
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
A code injection in Nextcloud Desktop Client 2.6.4 allowed to load arbitrary code when placing a malicious OpenSSL config into a fixed directory.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | nextcloud-desktop | — | — |
| nextcloud | desktop | < 2.6.5 | 2.6.5 |