CVE-2022-39210
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-39210
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-39210.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-39210
- Aliases
-
- GHSA-vw2w-gpcv-v39f
- Published
- 2022-09-16T23:10:15Z
- Modified
- 2025-11-28T04:52:51.609013Z
- Severity
-
- 3.2 (Low) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N CVSS Calculator
- Summary
- Access to internal files of the Nextcloud Android app
- Details
-
Nextcloud android is the official Android client for the Nextcloud home server platform. Internal paths to the Nextcloud Android app files are not properly protected. As a result access to internal files of the from within the Nextcloud Android app is possible. This may lead to a leak of sensitive information in some cases. It is recommended that the Nextcloud Android app is upgraded to 3.21.0. There are no known workarounds for this issue.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/39xxx/CVE-2022-39210.json", "cna_assigner": "GitHub_M", "cwe_ids": [ "CWE-200", "CWE-22" ] }- References