CVE-2022-39212
published 2022-09-17CVE-2022-39212: Nextcloud Talk is an open source chat, video & audio calls client for the Nextcloud platform. In affected versions an attacker could see the last video frame…
PriorityP425medium5.3CVSS 3.1
AVNACLPRNUINSUCLINAN
EPSS
0.55%
41.8th percentile
Nextcloud Talk is an open source chat, video & audio calls client for the Nextcloud platform. In affected versions an attacker could see the last video frame of any participant who has video disabled but a camera selected. It is recommended that the Nextcloud Talk app is upgraded to 13.0.8 or 14.0.4. Users unable to upgrade should select "None" as camera before joining the call.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| nextcloud | security-advisories | < 13.0.8 | 13.0.8 |
| nextcloud | security-advisories | — | — |
| nextcloud | talk | < 13.0.8 | 13.0.8 |
| nextcloud | talk | >= 14.0.0 < 14.0.4 | 14.0.4 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No advisories linked to this vulnerability.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2022-09-17
Published