CVE-2020-28646
First published: Fri Feb 26 2021(Updated: )
ownCloud owncloud/client before 2.7 allows DLL Injection. The desktop client loaded development plugins from certain directories when they were present.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Owncloud Owncloud Desktop Client | <2.7 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this DLL Injection vulnerability?
The vulnerability ID for this DLL Injection vulnerability is CVE-2020-28646.
What is the severity of CVE-2020-28646?
The severity of CVE-2020-28646 is high, with a severity value of 7.8.
What is the affected software for CVE-2020-28646?
The affected software for CVE-2020-28646 is the ownCloud Desktop Client version up to exclusive 2.7.
How does the DLL Injection vulnerability in ownCloud owncloud/client before 2.7 occur?
The vulnerability in ownCloud owncloud/client before 2.7 occurs when the desktop client loaded development plugins from certain directories when they were present.
Is there a fix available for CVE-2020-28646?
Yes, ownCloud has released a fix for CVE-2020-28646. It is recommended to update to the latest version of the ownCloud Desktop Client.
- collector/nvd-index
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/last-modified-date
- agent/weakness
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- vendor/owncloud
- canonical/owncloud owncloud desktop client