Nextcloud Talk 17.0.0 Release Candidate 2 for Android
Approved changes feed: RSS · Atom
cpe:2.3:a:nextcloud:talk:17.0.0:rc2:*:*:*:android:*:*
part: a version: 17.0.0 update: rc2
| Vendor | Nextcloud (e5ae4298-6932-564f-a40d-08cebea039a5) |
|---|---|
| Product | Talk (db48beeb-84ef-573a-aaae-25687287e81a) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | android |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/nextcloud/spreed |
purl2cpe | 2026-06-01 10:17:58.594902 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-39957 |
vulnerable | 2026-06-03 14:52:39.591075 |
Path traversal allows tricking the Talk Android app into writing files into it's root directory
HIGH (7.2)
Nextcloud Talk Android allows users to place video and audio calls through Nextcloud on Android. Prior to version 17.0.0, an unprotected intend allowed malicious third party apps to trick the Talk Android app into writing files outside of its intended cache directory. Nextcloud Talk Android version 17.0.0 has a patch for this issue. No known workarounds are available.
Published: 2023-08-10T15:04:16.233Z
Updated: 2024-10-04T18:59:32.675Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.