Lucene search

CVE-2023-22470

🗓️ 14 Jan 2023 01:13:15Reported by GitHub_MType

Nextcloud Deck, kanban style organization tool, potential DoS from database erro

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 8
Hacker One	Nextcloud: Missing character limitation allows to put generate a database error	9 Jun 202216:44	–	hackerone
Prion	Code injection	14 Jan 202301:15	–	prion
Vulnrichment	CVE-2023-22470 Nextcloud Deck vulnerable to uncontrolled resource consumption	14 Jan 202300:32	–	vulnrichment
NVD	CVE-2023-22470	14 Jan 202301:15	–	nvd
CNVD	Nextcloud Resource Management Error Vulnerability (CNVD-2023-04308)	17 Jan 202300:00	–	cnvd
OSV	CVE-2023-22470	14 Jan 202301:15	–	osv
Cvelist	CVE-2023-22470 Nextcloud Deck vulnerable to uncontrolled resource consumption	14 Jan 202300:32	–	cvelist
Nextcloud	Missing character limitation allows to put generate a database error	9 Jan 202305:45	–	nextcloud

Nvd

Vulners

Node

nextcloud deckRange<1.6.5

nextcloud deckRange1.7.0–1.7.3

nextcloud deckRange1.8.0–1.8.2

[
  {
    "vendor": "nextcloud",
    "product": "security-advisories",
    "versions": [
      {
        "version": ">= 1.6.0, < 1.6.5",
        "status": "affected"
      },
      {
        "version": ">= 1.7.0, < 1.7.3",
        "status": "affected"
      },
      {
        "version": ">= 1.8.0, < 1.8.2",
        "status": "affected"
      }
    ]
  }
]

Source	Link
github	www.github.com/nextcloud/deck/pull/4059
github	www.github.com/nextcloud/security-advisories/security/advisories/GHSA-93j5-wx4c-6g88

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

14 Jan 2023 01:15Current

5.1Medium risk

Vulners AI Score5.1

CVSS33.5 - 6.5

EPSS0.00076

SSVC