Nextcloud Deck
17 CVEs affecting Nextcloud Deck. Latest disclosed: 2025-12-05. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2021-39225 | High | 8.1 | 2021-10-25 | Nextcloud is an open-source, self-hosted productivity platform. A missing permission check in Nextcloud Deck before 1.2.9, 1.4.5 and 1.5.3 allows another authe… |
CVE-2020-8182 | High | 8.0 | 2020-10-05 | Improper access control in Nextcloud Deck 0.8.0 allowed an attacker to reshare boards shared with them with more permissions than they had themselves. |
CVE-2021-37631 | Medium | 6.5 | 2021-09-07 | Deck is an open source kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. In affected vers… |
CVE-2021-22913 | Medium | 6.5 | 2021-06-11 | Nextcloud Deck before 1.2.7, 1.4.1 suffers from an information disclosure vulnerability when searches for sharees utilize the lookup server by default instead… |
CVE-2023-22469 | Medium | 5.8 | 2023-01-10 | Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. When getting the reference pr… |
CVE-2025-66557 | Medium | 5.4 | 2025-12-05 | Nextcloud Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. Prior to 1.14.6 and… |
CVE-2022-29159 | Medium | 5.0 | 2022-05-20 | Nextcloud Deck is a Kanban-style project & personal management tool for Nextcloud. In versions prior to 1.4.8, 1.5.6, and 1.6.1, an authenticated user can move… |
CVE-2019-15619 | Medium | 4.8 | 2020-02-04 | Improper neutralization of file names, conversation names and board names in Nextcloud Server 16.0.3, Nextcloud Talk 6.0.3 and Nextcloud Deck 0.6.5 causes an X… |
CVE-2024-37883 | Medium | 4.3 | 2024-06-14 | Nextcloud Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. A user with access… |
CVE-2020-8297 | Medium | 4.3 | 2021-02-23 | Nextcloud Deck before 1.0.2 suffers from an insecure direct object reference (IDOR) vulnerability that permits users with a duplicate user identifier to access… |
CVE-2020-8235 | Medium | 4.3 | 2020-10-05 | Missing access control in Nextcloud Deck 1.0.4 caused an insecure direct object reference allowing an attacker to view all attachments. |
CVE-2020-8179 | Medium | 4.1 | 2020-07-02 | Improper access control in Nextcloud Deck 1.0.0 allowed an attacker to inject tasks into other users decks. |
CVE-2023-22471 | Low | 3.5 | 2023-01-14 | Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. Broken access control allows… |
CVE-2023-22470 | Low | 3.5 | 2023-01-14 | Nextcloud Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. A database error ca… |
CVE-2022-24906 | Low | 3.5 | 2022-05-20 | Nextcloud Deck is a Kanban-style project & personal management tool for Nextcloud, similar to Trello. The full path of the application is exposed to unauthoriz… |
CVE-2025-66548 | Low | 3.3 | 2025-12-05 | Nextcloud Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. Prior to 1.12.7, 1… |
CVE-2024-22213 | Unrated | | 2024-01-18 | Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. In affected versions users co… |