admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-525xx/CVE-2024-52509.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

72 lines
2.6 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-52509",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-11-15T18:15:29.280",
"lastModified": "2024-11-18T17:11:56.587",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. The Nextcloud mail app incorrectly allowed attaching shared files without download permissions as attachments. This allowed users to send them the files to themselves and then downloading it from their mail clients. It is recommended that the Nextcloud Mail is upgraded to 2.2.10, 3.6.2 or 3.7.2."
},
{
"lang": "es",
"value": "Nextcloud Mail es la aplicaci\u00f3n de correo de Nextcloud, una plataforma de productividad alojada en servidores propios. La aplicaci\u00f3n de correo de Nextcloud permit\u00eda por error adjuntar archivos compartidos sin permisos de descarga como archivos adjuntos. Esto permit\u00eda a los usuarios enviarse los archivos a s\u00ed mismos y luego descargarlos desde sus clientes de correo. Se recomienda actualizar Nextcloud Mail a la versi\u00f3n 2.2.10, 3.6.2 o 3.7.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
"baseScore": 3.5,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://github.com/nextcloud/mail/commit/8d44f1ce44684022aa4e62a3e0462fdadcde6c8b",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/nextcloud/mail/pull/9592",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-pwpp-fvcr-w862",
"source": "security-advisories@github.com"
},
{
"url": "https://hackerone.com/reports/1878255",
"source": "security-advisories@github.com"
}
]
}
Reference in New Issue View Git Blame Copy Permalink