CVE-2017-1000134

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2017-1000134
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-1000134.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2017-1000134
Published
2017-11-03T18:29:00Z
Modified
2024-09-03T01:36:29.734166Z
Severity
  • 8.1 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N CVSS Calculator
Summary
[none]
Details

Mahara 1.8 before 1.8.6 and 1.9 before 1.9.4 and 1.10 before 1.10.1 and 15.04 before 15.04.0 are vulnerable because group members can lose access to the group files they uploaded if another group member changes the access permissions on them.

References

Affected packages

Git / github.com/maharaproject/mahara

Affected versions

1.*

1.0.0ALPHA1_RELEASE
1.0.0ALPHA2_RELEASE
1.0.0BETA1_RELEASE
1.0.0BETA2_RELEASE
1.1.0ALPHA1_RELEASE
1.1.0ALPHA2_RELEASE
1.1.0ALPHA3_RELEASE
1.1.0BETA1_RELEASE
1.1.0BETA2_RELEASE
1.1.0BETA3_RELEASE
1.1.0BETA4_RELEASE
1.10RC1_RELEASE
1.2.0ALPHA1_RELEASE
1.2.0ALPHA2_RELEASE
1.2.0ALPHA3_RELEASE
1.2.0BETA1_RELEASE
1.2.0BETA2_RELEASE
1.2.0BETA3_RELEASE
1.2.0BETA4_RELEASE
1.2.0RC1_RELEASE
1.3.0BETA1_RELEASE
1.3.0BETA2_RELEASE
1.3.0BETA3_RELEASE
1.3.0BETA4_RELEASE
1.4.0ALPHA1_RELEASE
1.7RC1_RELEASE
1.8.1_RELEASE
1.8.2_RELEASE
1.8.3_RELEASE
1.8.4_RELEASE
1.8.5_RELEASE
1.8RC1_RELEASE
1.8RC2_RELEASE
1.9.0_RELEASE
1.9.1_RELEASE
1.9RC1_RELEASE

15.*

15.04RC1_RELEASE
15.04RC2_RELEASE