Nextcloud Mail

Nextcloud Mail Shared File Attachment Vulnerability

CVE-2024-52509 - November 15, 2024

Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. The Nextcloud mail app incorrectly allowed attaching shared files without download permissions as attachments. This allowed users to send them the files to themselves and then downloading it from their mail clients. It is recommended that the Nextcloud Mail is upgraded to 2.2.10, 3.6.2 or 3.7.2.

Authorization

Nextcloud Mail Auto-Configuration Information Disclosure Vulnerability

CVE-2024-52508 - November 15, 2024

Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. When a user is trying to set up a mail account with an email address like user@example.tld that does not support auto configuration, and an attacker managed to register autoconfig.tld, the used email details would be send to the server of the attacker. It is recommended that the Nextcloud Mail app is upgraded to 1.14.6, 1.15.4, 2.2.11, 3.6.3, 3.7.7 or 4.0.0.

Information Disclosure

Nextcloud Mail is a mail app in Nextcloud

CVE-2023-33184 5.3 - Medium - May 27, 2023

Nextcloud Mail is a mail app in Nextcloud. A blind SSRF attack allowed to send GET requests to services running in the same web server. It is recommended that the Mail app is update to version 3.02, 2.2.5 or 1.15.3.

SSRF

Nextcloud mail is a Mail app for the Nextcloud home server product

CVE-2022-31131 4.3 - Medium - July 06, 2022

Nextcloud mail is a Mail app for the Nextcloud home server product. Versions of Nextcloud mail prior to 1.12.2 were found to be missing user account ownership checks when performing tasks related to mail attachments. Attachments may have been exposed to incorrect system users. It is recommended that the Nextcloud Mail app is upgraded to 1.12.2. There are no known workarounds for this issue. ### Workarounds No workaround available ### References * [Pull request](https://github.com/nextcloud/mail/pull/6600) * [HackerOne](https://hackerone.com/reports/1579820) ### For more information If you have any questions or comments about this advisory: * Create a post in [nextcloud/security-advisories](https://github.com/nextcloud/security-advisories/discussions) * Customers: Open a support ticket at [support.nextcloud.com](https://support.nextcloud.com)

Insecure Direct Object Reference / IDOR

Nextcloud Mail is a mail app for Nextcloud

CVE-2021-32707 4.3 - Medium - July 12, 2021

Nextcloud Mail is a mail app for Nextcloud. In versions prior to 1.9.6, the Nextcloud Mail application does not, by default, render images in emails to not leak the read state. The privacy filter failed to filter images with a `background-image` CSS attribute. Note that the images were still passed through the Nextcloud image proxy, and thus there was no IP leakage. The issue was patched in version 1.9.6 and 1.10.0. No workarounds are known to exist.

Nextcloud Mail is a mail app for the Nextcloud platform

CVE-2021-32652 4.3 - Medium - June 01, 2021

Nextcloud Mail is a mail app for the Nextcloud platform. A missing permission check in Nextcloud Mail before 1.4.3 and 1.8.2 allows another authenticated users to access mail metadata of other users. Versions 1.4.3 and 1.8.2 contain patches for this vulnerability; no workarounds other than the patches are known to exist.

AuthZ

A missing verification of the TLS host in Nextcloud Mail 1.1.3

CVE-2020-8156 7 - High - May 12, 2020

A missing verification of the TLS host in Nextcloud Mail 1.1.3 allowed a man in the middle attack.

Improper Certificate Validation