You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Code injection in Nextcloud Desktop Client for macOS
Low
nickvergessen
published
GHSA-4mf7-v63m-99p7Jun 14, 2024
Package
Desktop client
(Nextcloud)
Affected versions
<= 3.12.0
Patched versions
3.12.0
Description
Impact
A code injection in Nextcloud Desktop Client for macOS allowed to load arbitrary code when starting the client with DYLD_INSERT_LIBRARIES set in the enviroment.
Patches
It is recommended that the Nextcloud Desktop client is upgraded to 3.12.0
Impact
A code injection in Nextcloud Desktop Client for macOS allowed to load arbitrary code when starting the client with DYLD_INSERT_LIBRARIES set in the enviroment.
Patches
It is recommended that the Nextcloud Desktop client is upgraded to 3.12.0
Workarounds
References
For more information
If you have any questions or comments about this advisory: