GHSA-c2r4-f8qv-2v7v
Suggest an improvement- Source
- https://github.com/advisories/GHSA-c2r4-f8qv-2v7v
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-c2r4-f8qv-2v7v/GHSA-c2r4-f8qv-2v7v.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-c2r4-f8qv-2v7v
- Aliases
-
- CVE-2015-5341
- Published
- 2022-05-13T01:12:49Z
- Modified
- 2024-11-29T05:40:53.217886Z
- Severity
-
- 4.3 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
- Summary
- Moodle allows attackers to read SCORM contents
- Details
-
mod_scorm in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 mishandles availability dates, which allows remote authenticated users to bypass intended access restrictions and read SCORM contents via unspecified vectors.
- Database specific
{ "nvd_published_at": "2016-02-22T05:59:00Z", "cwe_ids": [], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2024-01-26T20:12:19Z" }- References
-
- https://nvd.nist.gov/vuln/detail/CVE-2015-5341
- https://github.com/moodle/moodle/commit/03b1f63d40d09c206f641b246110c2371d3068a2
- https://github.com/moodle/moodle/commit/3d58fd5841308018b32ca78206c74f27c4d4b9c3
- https://github.com/moodle/moodle/commit/5f65bb2e436620f9026b363484294299c2327740
- https://github.com/moodle/moodle/commit/d01512e36c449f52ddc5e41db567d8f375fc153d
- https://github.com/moodle/moodle/commit/d28eedd5363b4f081f9e66d0c9014d84792a89d7
- https://github.com/moodle/moodle/commit/f1178ebcd9cf1c149892335c52f6ccad066e3e05
- https://github.com/moodle/moodle/commit/fe9bd2b8bb73e958067f2bdb227a8d0e7cffbcda
- https://github.com/moodle/moodle
- https://moodle.org/mod/forum/discuss.php?d=323236
- http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50837
Affected packages
Packagist / moodle/moodle
Package
- Name
- moodle/moodle
- Purl
- pkg:composer/moodle/moodle
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.7.11
Affected versions
v2.*
v2.3.4
v2.3.5
v2.3.6
v2.3.7
v2.3.8
v2.3.9
v2.3.10
v2.3.11
v2.4.0-rc1
v2.4.0
v2.4.1
v2.4.2
v2.4.3
v2.4.4
v2.4.5
v2.4.6
v2.4.7
v2.4.8
v2.4.9
v2.4.10
v2.4.11
v2.5.0-beta
v2.5.0-rc1
v2.5.0
v2.5.1
v2.5.2
v2.5.3
v2.5.4
v2.5.5
v2.5.6
v2.5.7
v2.5.8
v2.5.9
v2.6.0-beta
v2.6.0-rc1
v2.6.0
v2.6.1
v2.6.2
v2.6.3
v2.6.4
v2.6.5
v2.6.6
v2.6.7
v2.6.8
v2.6.9
v2.6.10
v2.6.11
v2.7.0-beta
v2.7.0-rc1
v2.7.0-rc2
v2.7.0
v2.7.1
v2.7.2
v2.7.3
v2.7.4
v2.7.5
v2.7.6
v2.7.7
v2.7.8
v2.7.9
v2.7.10
Packagist / moodle/moodle
Package
- Name
- moodle/moodle
- Purl
- pkg:composer/moodle/moodle
Packagist / moodle/moodle
Package
- Name
- moodle/moodle
- Purl
- pkg:composer/moodle/moodle