CVE-2019-5452

Bypass lock protection in the Nextcloud Android app prior to version 3.6.2 causes leaking of thumbnails when requesting the Android content provider although the lock protection was not solved.

Published: Jul 30, 2019
Updated: Apr 13, 2023
CVE: CVE-2019-5452
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 2.4
AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CVSS v2:

Severity: Low
Score: 2.1
AV:L/AC:L/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
nextcloud / nextcloud	-	3.6.2

https://hackerone.com/reports/534541

Vulnerability Database

289,784

CVE-2019-5452