CVE-2021-32695

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2021-32695
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-32695.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2021-32695
Related
  • GHSA-25m9-cf6c-qf2c
Published
2021-06-17T21:15:07.887Z
Modified
2026-03-13T04:57:21.930014Z
Severity
  • 3.3 (Low) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N CVSS Calculator
Summary
[none]
Details

Nextcloud Android app is the Android client for Nextcloud. In versions prior to 3.16.1, a malicious app on the same device could have gotten access to the shared preferences of the Nextcloud Android application. This required user-interaction as a victim had to initiate the sharing flow and choose the malicious app. The shared preferences contain some limited private data such as push tokens and the account name. The vulnerability is patched in version 3.16.1.

References

Affected packages

Git / github.com/nextcloud/android

Affected ranges

Type
GIT
Repo
https://github.com/nextcloud/android
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
5b68a3a475acd0378f91f44dd5eedd79a454b952
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "3.16.1"
        }
    ]
}

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-32695.json"