{
  "affected": [
    {
      "ranges": [
        {
          "database_specific": {
            "versions": [
              {
                "introduced": "3.13.0"
              },
              {
                "fixed": "3.25.0"
              }
            ]
          },
          "events": [
            {
              "introduced": "e7b260f74daa548efada6f8127c8fbecda38c5f9"
            },
            {
              "fixed": "729ff137b27c49ebe1e9fcb74f420cc625d1084c"
            }
          ],
          "repo": "https://github.com/nextcloud/android",
          "type": "GIT"
        }
      ]
    },
    {
      "ranges": [
        {
          "events": [
            {
              "introduced": "ff175088a391007b66bfca89ef35cf29e37cf001"
            },
            {
              "fixed": "b15f9376b2761b7dd9726aa3a110b1077ef57094"
            }
          ],
          "repo": "https://github.com/nextcloud/desktop",
          "type": "GIT"
        }
      ]
    },
    {
      "ranges": [
        {
          "database_specific": {
            "versions": [
              {
                "introduced": "3.0.5"
              },
              {
                "fixed": "4.8.0"
              }
            ]
          },
          "events": [
            {
              "introduced": "3f03074d8f5060733256281d063db9e2cbc43552"
            },
            {
              "fixed": "206f5d46966c0504e199307477d8ee759faa6607"
            }
          ],
          "repo": "https://github.com/nextcloud/ios",
          "type": "GIT"
        }
      ]
    }
  ],
  "aliases": [
    "GHSA-8875-wxww-3rr8"
  ],
  "database_specific": {
    "cna_assigner": "GitHub_M",
    "cwe_ids": [
      "CWE-325"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/28xxx/CVE-2023-28999.json"
  },
  "details": "Nextcloud is an open-source productivity platform. In Nextcloud Desktop client 3.0.0 up to but not including 3.8.0, Nextcloud Android app 3.13.0 up to but not including 3.25.0, and Nextcloud iOS app 3.0.5 up to but not including 4.8.0, the clients did not verify the authenticity of the metadata keys of end-to-end encrypted folders, so a malicious (or compromised) server administrator can gain full access to an end-to-end encrypted folder: they can decrypt files, recover the folder structure and add new files. Because the attacker is the server itself, the server-side encryption guarantees do not mitigate this. This issue is fixed in Nextcloud Desktop 3.8.0, Nextcloud Android 3.25.0, and Nextcloud iOS 4.8.0. No known workarounds are available; update the affected clients to a fixed version.",
  "id": "CVE-2023-28999",
  "modified": "2026-04-01T23:08:34.974275334Z",
  "published": "2023-04-04T12:51:08.241Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://ethz.ch/content/dam/ethz/special-interest/infk/inst-infsec/appliedcrypto/education/theses/report_DanieleCoppola.pdf"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/28xxx/CVE-2023-28999.json"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-8875-wxww-3rr8"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28999"
    },
    {
      "type": "FIX",
      "url": "https://github.com/nextcloud/desktop/pull/5560"
    }
  ],
  "schema_version": "1.7.3",
  "severity": [
    {
      "score": "CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:L",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Nextcloud: Lack of authenticity of metadata keys allows a malicious server to gain access to E2EE folders"
}