Nextcloud Desktop Client before 3.3.1 is vulnerable to improper certificate validation due to lack of SSL certificate verification when using the "Register with a Provider" flow.
Debian Linux Security Advisory 4974-1 - Two vulnerabilities were discovered in the Nextcloud desktop client, which could result in information disclosure.