The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with your computer. A code injection in Nextcloud Desktop Client for macOS allowed to load arbitrary code when starting the client with DYLD_INSERT_LIBRARIES set in the enviroment. It is recommended that the Nextcloud Desktop client is upgraded to 3.12.0.
Advisories
Source ID Title
EUVD EUVD EUVD-2024-36869 The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with your computer. A code injection in Nextcloud Desktop Client for macOS allowed to load arbitrary code when starting the client with DYLD_INSERT_LIBRARIES set in the enviroment. It is recommended that the Nextcloud Desktop client is upgraded to 3.12.0.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Mon, 19 Aug 2024 16:30:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple macos
Nextcloud
Nextcloud desktop
CPEs cpe:2.3:a:nextcloud:desktop:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
Vendors & Products Apple
Apple macos
Nextcloud
Nextcloud desktop

cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2024-08-02T03:57:39.894Z

Reserved: 2024-06-10T19:54:41.360Z

Link: CVE-2024-37885

cve-icon Vulnrichment

Updated: 2024-06-14T22:04:39.609Z

cve-icon NVD

Status : Modified

Published: 2024-06-14T16:15:13.570

Modified: 2024-11-21T09:24:28.147

Link: CVE-2024-37885

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.