CVE-2021-22912 - AskarLabs CVE Database

CVE-2021-22912

Vendor N/A

Product Nextcloud iOS app (it.twsweb.Nextcloud)

Weakness CWE-200 · Info exposure

Published June 11, 2021

Last update August 3, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

Nextcloud iOS before 3.4.2 suffers from an information disclosure vulnerability when searches for sharees utilize the lookup server by default instead of only on the local Nextcloud server unless a global search has been explicitly chosen by the user.

Key dates

02Disclosure timeline

June 11, 2021 CVE published

August 3, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2021-22912 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/200.html

Related vulnerabilities

04Related CVE

CVE-2024-1979 Quarkus: information leak in annotation CVE-2023-0901 Exposure of Sensitive Information to an Unauthorized Actor in pixelfed/pixelfed CVE-2025-12297 atjiu pybbs UserApiController.java information disclosure CVE-2022-48319 Host secret disclosed in Checkmk logs CVE-2026-3433 Mattermost fails to scope role_updated websocket events to authorized team and channel members