Web: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24886

April 27, 2022, 2:15 p.m. |

National Vulnerability Database nist.gov

Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform. In versions prior to 3.19.0, any application with notification permission can access contacts if Nextcloud has access to Contacts without applying for the Contacts permission itself. Version 3.19.0 contains a fix for this issue. There are currently no known workarounds.

cve nextcloud

Field CISO

@ Rubrik | London, United Kingdom

Android-Savvy Reverse Engineer

@ ARSIEM | Laurel, MD

Junior Information Security Analyst

@ IT Concepts Inc. | Washington, District of Columbia, United States

Senior Network Security Engineer

@ UBDS | England, United Kingdom - Remote

Software Engineer, Security Infrastructure

@ Robinhood | US - Remote

Mid-Level Research Cyber Security Engineer (Hybrid options available)

@ Riverside Research | Beavercreek, Ohio

Security Intelligence Manager, Incident Response

@ Atlassian | Sydney, Australia

Security Consultant, Professional Services

@ Amazon.com | Seoul, KOR

Senior Cybersecurity Architect

@ Lucayan Technology Solutions LLC | Tampa, Florida, United States

Application Security Engineer

@ PlayStation Global | United States, San Francisco, CA

Security Engineer I, Offensive Security Penetration Testing

@ Amazon.com | US, TX, Virtual Location - Texas

Cyber Security Engineer

@ GWA Group | Derrimut, Victoria, Australia