Nextcloud Deck

17 CVEs affecting Nextcloud Deck. Latest disclosed: 2025-12-05. Critical: 0, High: 2.

Top CVEs affecting Nextcloud Deck
CVESeverityScorePublishedSummary
CVE-2021-39225High8.12021-10-25Nextcloud is an open-source, self-hosted productivity platform. A missing permission check in Nextcloud Deck before 1.2.9, 1.4.5 and 1.5.3 allows another authe…
CVE-2020-8182High8.02020-10-05Improper access control in Nextcloud Deck 0.8.0 allowed an attacker to reshare boards shared with them with more permissions than they had themselves.
CVE-2021-37631Medium6.52021-09-07Deck is an open source kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. In affected vers…
CVE-2021-22913Medium6.52021-06-11Nextcloud Deck before 1.2.7, 1.4.1 suffers from an information disclosure vulnerability when searches for sharees utilize the lookup server by default instead…
CVE-2023-22469Medium5.82023-01-10Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. When getting the reference pr…
CVE-2025-66557Medium5.42025-12-05Nextcloud Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. Prior to 1.14.6 and…
CVE-2022-29159Medium5.02022-05-20Nextcloud Deck is a Kanban-style project & personal management tool for Nextcloud. In versions prior to 1.4.8, 1.5.6, and 1.6.1, an authenticated user can move…
CVE-2019-15619Medium4.82020-02-04Improper neutralization of file names, conversation names and board names in Nextcloud Server 16.0.3, Nextcloud Talk 6.0.3 and Nextcloud Deck 0.6.5 causes an X…
CVE-2024-37883Medium4.32024-06-14Nextcloud Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. A user with access…
CVE-2020-8297Medium4.32021-02-23Nextcloud Deck before 1.0.2 suffers from an insecure direct object reference (IDOR) vulnerability that permits users with a duplicate user identifier to access…
CVE-2020-8235Medium4.32020-10-05Missing access control in Nextcloud Deck 1.0.4 caused an insecure direct object reference allowing an attacker to view all attachments.
CVE-2020-8179Medium4.12020-07-02Improper access control in Nextcloud Deck 1.0.0 allowed an attacker to inject tasks into other users decks.
CVE-2023-22471Low3.52023-01-14Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. Broken access control allows…
CVE-2023-22470Low3.52023-01-14Nextcloud Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. A database error ca…
CVE-2022-24906Low3.52022-05-20Nextcloud Deck is a Kanban-style project & personal management tool for Nextcloud, similar to Trello. The full path of the application is exposed to unauthoriz…
CVE-2025-66548Low3.32025-12-05Nextcloud Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. Prior to 1.12.7, 1…
CVE-2024-22213Unrated2024-01-18Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. In affected versions users co…