ownCloud owncloud/client before 2.7 allows DLL Injection. The desktop client loaded development plugins from certain directories when they were present.
References
Link | Resource |
---|---|
https://owncloud.com/security-advisories/cve-2020-28646/ | Vendor Advisory |
https://owncloud.com/security-advisories/feed/ | Vendor Advisory |
Configurations
History
21 Sep 2022, 18:18
Type | Values Removed | Values Added |
---|---|---|
First Time |
Owncloud owncloud Desktop Client
|
|
CPE | cpe:2.3:a:owncloud:owncloud_desktop_client:*:*:*:*:*:*:*:* |
04 Mar 2021, 17:19
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:owncloud:owncloud:*:*:*:*:*:*:*:* | |
References | (MISC) https://owncloud.com/security-advisories/feed/ - Vendor Advisory | |
References | (MISC) https://owncloud.com/security-advisories/cve-2020-28646/ - Vendor Advisory | |
CWE | CWE-427 | |
CVSS |
v2 : v3 : |
v2 : 4.4
v3 : 7.8 |
26 Feb 2021, 15:58
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-02-26 15:15
Updated : 2023-12-10 13:41
NVD link : CVE-2020-28646
Mitre link : CVE-2020-28646
CVE.ORG link : CVE-2020-28646
JSON object : View
Products Affected
owncloud
- owncloud_desktop_client
CWE
CWE-427
Uncontrolled Search Path Element