cbcvebase.
CVE-2022-39212
published 2022-09-17

CVE-2022-39212: Nextcloud Talk is an open source chat, video & audio calls client for the Nextcloud platform. In affected versions an attacker could see the last video frame…

PriorityP425medium5.3CVSS 3.1
AVNACLPRNUINSUCLINAN
EPSS
0.55%
41.8th percentile
Nextcloud Talk is an open source chat, video & audio calls client for the Nextcloud platform. In affected versions an attacker could see the last video frame of any participant who has video disabled but a camera selected. It is recommended that the Nextcloud Talk app is upgraded to 13.0.8 or 14.0.4. Users unable to upgrade should select "None" as camera before joining the call.

Affected

4 ranges
VendorProductVersion rangeFixed in
nextcloudsecurity-advisories< 13.0.813.0.8
nextcloudsecurity-advisories
nextcloudtalk< 13.0.813.0.8
nextcloudtalk>= 14.0.0 < 14.0.414.0.4
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.