CVE-2024-46958 Information

Description

In Nextcloud Desktop Client 3.13.1 through 3.13.3 on Linux synchronized files (between the server and client) may become world writable or world readable. This is fixed in 3.13.4.

Reference

https://github.com/nextcloud/desktop/issues/6863 https://github.com/nextcloud/desktop/pull/7092 https://github.com/nextcloud/desktop/pull/6949 https://github.com/nextcloud/desktop/compare/v3.13.3…v3.13.4 https://github.com/nextcloud/security-advisories/security/advisories