RSS   Podatności dla 'Nextcloud mail'   RSS

2021-07-12
 
CVE-2021-32707

CWE-200
 

 
Nextcloud Mail is a mail app for Nextcloud. In versions prior to 1.9.6, the Nextcloud Mail application does not, by default, render images in emails to not leak the read state. The privacy filter failed to filter images with a `background-image` CSS attribute. Note that the images were still passed through the Nextcloud image proxy, and thus there was no IP leakage. The issue was patched in version 1.9.6 and 1.10.0. No workarounds are known to exist.

 
2020-05-12
 
CVE-2020-8156

CWE-295
 

 
A missing verification of the TLS host in Nextcloud Mail 1.1.3 allowed a man in the middle attack.

 

 >>> Vendor: Nextcloud 18 Produkty
Nextcloud
Nextcloud server
Calendar
TALK
Lookup-server
Server
Circles
DECK
Group folders
Nextcloud mail
Contacts
Preferred providers
Social
Desktop
Richdocuments
MAIL
Officeonline
NEWS


Copyright 2021, cxsecurity.com

 

Back to Top