CVE-2022-24885
Improper Authentication in Nextcloud Android Files
EPSS 0.47%
描述
Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform. Prior to version 3.19.1, users can bypass a lock on the Nextcloud app on an Android device by repeatedly reopening the app. Version 3.19.1 contains a fix for the problem. There are currently no known workarounds.
如何修補 CVE-2022-24885
要修補 CVE-2022-24885,請將受影響套件升級到下列已修補版本。
- Bitnami/nextcloud—升級至 3.19.1 或更新版本
CVE-2022-24885 正在被利用嗎?
低 — EPSS 為 0.5%,目前沒有觀察到大規模利用活動。
受影響套件(1)
- from 0, < 3.19.1