Lucene search

CVE-2023-22469

🗓️ 10 Jan 2023 21:12:15Reported by GitHub_MType

Deck is a kanban style organization tool integrated with Nextcloud. Unauthorized users could access cached data of users with access to specific cards

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 7
hackerone	Nextcloud: Reference caching can leak data to unauthorized users	8 Nov 202222:00	–	hackerone
osv	CVE-2023-22469	10 Jan 202321:15	–	osv
nvd	CVE-2023-22469	10 Jan 202321:15	–	nvd
vulnrichment	CVE-2023-22469 Nextcloud Deck card vulnerable to data leak to unauthorized users via reference preview cache	10 Jan 202320:26	–	vulnrichment
prion	Code injection	10 Jan 202321:15	–	prion
cvelist	CVE-2023-22469 Nextcloud Deck card vulnerable to data leak to unauthorized users via reference preview cache	10 Jan 202320:26	–	cvelist
nextcloud	Deck card reference caching can leak data to unauthorized users	9 Jan 202305:45	–	nextcloud

Nvd

Vulners

Node

nextcloud deckRange<1.8.2

[
  {
    "vendor": "nextcloud",
    "product": "security-advisories",
    "versions": [
      {
        "version": "< 1.8.2",
        "status": "affected"
      }
    ]
  }
]

Source	Link
github	www.github.com/nextcloud/deck/pull/4196
github	www.github.com/nextcloud/security-advisories/security/advisories/GHSA-8fjp-w9gp-j5hq

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

10 Jan 2023 21:15Current

4.1Medium risk

Vulners AI Score4.1

CVSS33.5 - 5.8

EPSS0.00147

SSVC

CWE-922