What the vulnerability does

01Description

A code injection in Nextcloud Desktop Client 2.6.4 allowed to load arbitrary code when placing a malicious OpenSSL config into a fixed directory.

Key dates

02Disclosure timeline

August 10, 2020 CVE published
August 4, 2024 Record updated