{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-11T05:36:17.905","vulnerabilities":[{"cve":{"id":"CVE-2024-52510","sourceIdentifier":"security-advisories@github.com","published":"2024-11-15T18:15:29.497","lastModified":"2025-08-28T14:21:08.737","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with your computer. The Desktop client did not stop with an error but allowed by-passing the signature validation, if a manipulated server sends an empty initial signature. It is recommended that the Nextcloud Desktop client is upgraded to 3.14.2 or later."},{"lang":"es","value":"Nextcloud Desktop Client es una herramienta para sincronizar archivos del servidor de Nextcloud con su ordenador. El cliente de escritorio no se detenía con un error, sino que permitía eludir la validación de la firma si un servidor manipulado enviaba una firma inicial vacía. Se recomienda que el cliente de escritorio de Nextcloud se actualice a la versión 3.14.2 o posterior."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N","baseScore":4.2,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":0.5,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-295"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nextcloud:desktop:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0.0","versionEndExcluding":"3.14.2","matchCriteriaId":"6A655D04-EF1B-4454-A49C-4DB2AB9B6E42"}]}]}],"references":[{"url":"https://github.com/nextcloud/desktop/commit/97539218e6f63c3a3fd1694cb7d8aef27c5910d7","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/nextcloud/desktop/pull/7333","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/nextcloud/security-advisories/security/advisories/GHSA-r4qc-m9mj-452v","source":"security-advisories@github.com","tags":["Third Party Advisory"]},{"url":"https://hackerone.com/reports/2597504","source":"security-advisories@github.com","tags":["Issue Tracking"]}]}}]}