CVE-2021-22895

Summary

Nextcloud Desktop Client before 3.3.1 is vulnerable to improper certificate validation due to lack of SSL certificate verification when using the "Register with a Provider" flow.

Affected Software

VendorProductVersion RangeStatus
n/aNextcloud Desktop ClientFixed in 3.3.1affected

Weaknesses

  • CWE-295: Improper Certificate Validation (CWE-295)

ADP Enrichment

CVE Program Container

Additional References

References