CVE-2020-8225
published 2020-09-18CVE-2020-8225: A cleartext storage of sensitive information in Nextcloud Desktop Client 2.6.4 gave away information about used proxies and their authentication credentials.
high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
A cleartext storage of sensitive information in Nextcloud Desktop Client 2.6.4 gave away information about used proxies and their authentication credentials.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | nextcloud-desktop | < nextcloud-desktop 3.0.1-1 (bookworm) | nextcloud-desktop 3.0.1-1 (bookworm) |
| nextcloud | desktop | < 2.6.5 | 2.6.5 |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
osv7.5HIGH