Vulnerabilities > Nextcloud > Deck > 0.2.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-14 | CVE-2023-22470 | Improper Input Validation vulnerability in Nextcloud Deck Nextcloud Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. | 6.5 |
| 2023-01-14 | CVE-2023-22471 | Authorization Bypass Through User-Controlled Key vulnerability in Nextcloud Deck Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. | 4.3 |
| 2023-01-10 | CVE-2023-22469 | Insecure Storage of Sensitive Information vulnerability in Nextcloud Deck Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. | 3.5 |
| 2022-05-20 | CVE-2022-24906 | Information Exposure Through an Error Message vulnerability in Nextcloud Deck Nextcloud Deck is a Kanban-style project & personal management tool for Nextcloud, similar to Trello. | 4.3 |
| 2022-05-20 | CVE-2022-29159 | Authorization Bypass Through User-Controlled Key vulnerability in Nextcloud Deck Nextcloud Deck is a Kanban-style project & personal management tool for Nextcloud. | 4.0 |
| 2021-10-25 | CVE-2021-39225 | Missing Authorization vulnerability in Nextcloud Deck Nextcloud is an open-source, self-hosted productivity platform. | 5.5 |
| 2021-09-07 | CVE-2021-37631 | Authorization Bypass Through User-Controlled Key vulnerability in Nextcloud Deck Deck is an open source kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. | 4.0 |
| 2021-06-11 | CVE-2021-22913 | Information Exposure vulnerability in Nextcloud Deck Nextcloud Deck before 1.2.7, 1.4.1 suffers from an information disclosure vulnerability when searches for sharees utilize the lookup server by default instead of only the local Nextcloud server unless a global search has been explicitly chosen by the user. | 4.3 |
| 2021-02-23 | CVE-2020-8297 | Authorization Bypass Through User-Controlled Key vulnerability in Nextcloud Deck Nextcloud Deck before 1.0.2 suffers from an insecure direct object reference (IDOR) vulnerability that permits users with a duplicate user identifier to access deck data of a previous deleted user. | 4.0 |
| 2020-07-02 | CVE-2020-8179 | Improper Privilege Management vulnerability in Nextcloud Deck Improper access control in Nextcloud Deck 1.0.0 allowed an attacker to inject tasks into other users decks. | 4.0 |