GCVE - cpe:2.3:a:n/a:nextcloud_deck:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:nextcloud_deck:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	N/A (`22f567d3-1203-528c-8f0e-3eb9c2f6ca78`)
Product	Nextcloud Deck (`160e1998-e35b-5727-92ca-2f9b1804c7ee`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2021-22913`	vulnerable	2026-06-08 05:30:01.853590	Details available Nextcloud Deck before 1.2.7, 1.4.1 suffers from an information disclosure vulnerability when searches for sharees utilize the lookup server by default instead of only the local Nextcloud server unless a global search has been explicitly chosen by the user. Published: 2021-06-11T15:49:37.000Z Updated: 2024-08-03T18:58:25.787Z Open on db.gcve.eu Reference links https://hackerone.com/reports/1167958 https://github.com/nextcloud/security-advisories/security/advisories/GHSA-h8f6-wg82-6p7r	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-8297`	vulnerable	2026-06-08 05:27:15.567833	Details available Nextcloud Deck before 1.0.2 suffers from an insecure direct object reference (IDOR) vulnerability that permits users with a duplicate user identifier to access deck data of a previous deleted user. Published: 2021-02-23T18:28:59.000Z Updated: 2024-08-04T09:56:28.323Z Open on db.gcve.eu Reference links https://hackerone.com/reports/882258 https://nextcloud.com/security/advisory/?id=NC-SA-2021-007 https://github.com/nextcloud/deck/pull/1976	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-8182`	vulnerable	2026-06-08 05:27:15.112630	Details available Improper access control in Nextcloud Deck 0.8.0 allowed an attacker to reshare boards shared with them with more permissions than they had themselves. Published: 2020-10-05T13:17:28.000Z Updated: 2024-08-04T09:56:27.465Z Open on db.gcve.eu Reference links https://hackerone.com/reports/827816 https://nextcloud.com/security/advisory/?id=NC-SA-2020-025	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-8179`	vulnerable	2026-06-08 05:27:15.106740	Details available Improper access control in Nextcloud Deck 1.0.0 allowed an attacker to inject tasks into other users decks. Published: 2020-07-02T18:35:19.000Z Updated: 2024-08-04T09:56:26.920Z Open on db.gcve.eu Reference links https://hackerone.com/reports/867052 https://nextcloud.com/security/advisory/?id=NC-SA-2020-022	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.