CVE-2016-8642

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2016-8642
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-8642.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2016-8642
Aliases
Downstream
Published
2017-01-20T08:59:00.313Z
Modified
2026-04-11T17:12:42.293589Z
Severity
  • 5.3 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
Summary
[none]
Details

In Moodle 2.x and 3.x, the question engine allows access to files that should not be available.

References

Affected packages

Git / github.com/moodle/moodle

Affected ranges

Type
GIT
Repo
https://github.com/moodle/moodle
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
1f04e7c6854a0c88cf09442d6c50e558e0157478
Last affected
21db825b19e84bb24c0661b551a5069970e143c4
Last affected
296b602f2cd751cac5de6bda553db381432da704
Last affected
f2c730fecfcc9850ea39cf53186f8b3f0a114ae1
Last affected
68b1fd2c5500284e0afe8fda78b2e9551eb697a6
Last affected
f4dc567e79e871b7e0aab64dd39706ac112094ac
Last affected
be3e6f62029e26a125871d4b6bf42156cb7e512c
Last affected
dc7b914677dcdded287671ca9eb92e0e95e9f2a0
Last affected
1f2979d0e51c2d2a8dc535b9c84b7364016fe8d4
Last affected
e494078a27ae8fd2f91c908d12911adb3c32e6ee
Last affected
ae1854f55c265e2e0966de4b81636c31c641b029
Last affected
2e8e92b0f1a21a77aadcb320d358273855193cd0
Last affected
3ed9d1c176a0ffabc2b395a026e80f9435775c7d
Last affected
aba54964abec2081ba139ad0ea1a4f5627c24fa7
Last affected
cbd90c01c120a199ca53b5965785c55f88834cdc
Last affected
c948f378b9d7a819d2d430894fa9840cfe9b5590
Last affected
b7d2ed3004ba4f165aba55e1a235f02d55f76624
Last affected
3a325f777f9d43fda5c1dfb1287a8bf6d8e61938
Last affected
d16cdbd81fbf07e33f55c26f0569ee1424126b59
Last affected
b0f0573e743428c7528c58b4d89f9aa5caeb376e
Last affected
9ea5796a6339c574d2304f543e4d5ae55df24bf1
Last affected
1174a463f341a441b77926748a76dd4f4fbda120
Last affected
567ab3d5d18a81ee9f60e29e5d589450f4ea5fd5
Last affected
6114fab93b414fcfa107d5a8fa2b35bc99d3464e
Last affected
62e799ac84232c065790c8cab0f841e43ae038e0
Last affected
5d35d7b8843f5f4571dd0b10ad1490cd524e67da
Last affected
97dd32edd69cd9d034b56b1f2c3ffe2f2e0832e9
Last affected
d97b3d4c81e89e7495478e40a5ff25a22d6e7a5f
Last affected
0324fefaf6bccbb3443070af41d0f34ac3ed81ee
Last affected
b022c2cd1c5e183659739c9e5bc1b4542c6967de
Last affected
268abfacc54c4cbf9722c1502569b311c7caefff
Last affected
47806ea17e5e9728927b354e474e48d14ea8f4f4
Last affected
f851201f58662264ad7864dbbf8e2240ce7bf84a
Database specific 
{
    "cpe": [
        "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*",
        "cpe:2.3:a:moodle:moodle:2.8.0:*:*:*:*:*:*:*",
        "cpe:2.3:a:moodle:moodle:2.8.1:*:*:*:*:*:*:*",
        "cpe:2.3:a:moodle:moodle:2.8.2:*:*:*:*:*:*:*",
        "cpe:2.3:a:moodle:moodle:2.8.3:*:*:*:*:*:*:*",
        "cpe:2.3:a:moodle:moodle:2.8.4:*:*:*:*:*:*:*",
        "cpe:2.3:a:moodle:moodle:2.8.5:*:*:*:*:*:*:*",
        "cpe:2.3:a:moodle:moodle:2.8.6:*:*:*:*:*:*:*",
        "cpe:2.3:a:moodle:moodle:2.8.7:*:*:*:*:*:*:*",
        "cpe:2.3:a:moodle:moodle:2.8.8:*:*:*:*:*:*:*",
        "cpe:2.3:a:moodle:moodle:2.8.9:*:*:*:*:*:*:*",
        "cpe:2.3:a:moodle:moodle:2.8.10:*:*:*:*:*:*:*",
        "cpe:2.3:a:moodle:moodle:2.8.11:*:*:*:*:*:*:*",
        "cpe:2.3:a:moodle:moodle:2.8.12:*:*:*:*:*:*:*",
        "cpe:2.3:a:moodle:moodle:2.9.0:*:*:*:*:*:*:*",
        "cpe:2.3:a:moodle:moodle:2.9.1:*:*:*:*:*:*:*",
        "cpe:2.3:a:moodle:moodle:2.9.2:*:*:*:*:*:*:*",
        "cpe:2.3:a:moodle:moodle:2.9.3:*:*:*:*:*:*:*",
        "cpe:2.3:a:moodle:moodle:2.9.4:*:*:*:*:*:*:*",
        "cpe:2.3:a:moodle:moodle:2.9.5:*:*:*:*:*:*:*",
        "cpe:2.3:a:moodle:moodle:2.9.6:*:*:*:*:*:*:*",
        "cpe:2.3:a:moodle:moodle:2.9.7:*:*:*:*:*:*:*",
        "cpe:2.3:a:moodle:moodle:2.9.8:*:*:*:*:*:*:*",
        "cpe:2.3:a:moodle:moodle:3.0.0:*:*:*:*:*:*:*",
        "cpe:2.3:a:moodle:moodle:3.0.1:*:*:*:*:*:*:*",
        "cpe:2.3:a:moodle:moodle:3.0.2:*:*:*:*:*:*:*",
        "cpe:2.3:a:moodle:moodle:3.0.3:*:*:*:*:*:*:*",
        "cpe:2.3:a:moodle:moodle:3.0.4:*:*:*:*:*:*:*",
        "cpe:2.3:a:moodle:moodle:3.0.5:*:*:*:*:*:*:*",
        "cpe:2.3:a:moodle:moodle:3.0.6:*:*:*:*:*:*:*",
        "cpe:2.3:a:moodle:moodle:3.1.0:*:*:*:*:*:*:*",
        "cpe:2.3:a:moodle:moodle:3.1.1:*:*:*:*:*:*:*",
        "cpe:2.3:a:moodle:moodle:3.1.2:*:*:*:*:*:*:*"
    ],
    "source": "CPE_FIELD",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.7.16"
        },
        {
            "last_affected": "2.8.0"
        },
        {
            "last_affected": "2.8.1"
        },
        {
            "last_affected": "2.8.2"
        },
        {
            "last_affected": "2.8.3"
        },
        {
            "last_affected": "2.8.4"
        },
        {
            "last_affected": "2.8.5"
        },
        {
            "last_affected": "2.8.6"
        },
        {
            "last_affected": "2.8.7"
        },
        {
            "last_affected": "2.8.8"
        },
        {
            "last_affected": "2.8.9"
        },
        {
            "last_affected": "2.8.10"
        },
        {
            "last_affected": "2.8.11"
        },
        {
            "last_affected": "2.8.12"
        },
        {
            "last_affected": "2.9.0"
        },
        {
            "last_affected": "2.9.1"
        },
        {
            "last_affected": "2.9.2"
        },
        {
            "last_affected": "2.9.3"
        },
        {
            "last_affected": "2.9.4"
        },
        {
            "last_affected": "2.9.5"
        },
        {
            "last_affected": "2.9.6"
        },
        {
            "last_affected": "2.9.7"
        },
        {
            "last_affected": "2.9.8"
        },
        {
            "last_affected": "3.0.0"
        },
        {
            "last_affected": "3.0.1"
        },
        {
            "last_affected": "3.0.2"
        },
        {
            "last_affected": "3.0.3"
        },
        {
            "last_affected": "3.0.4"
        },
        {
            "last_affected": "3.0.5"
        },
        {
            "last_affected": "3.0.6"
        },
        {
            "last_affected": "3.1.0"
        },
        {
            "last_affected": "3.1.1"
        },
        {
            "last_affected": "3.1.2"
        }
    ]
}

Affected versions

v1.*
v1.0.0
v1.0.1
v1.0.2
v1.0.3
v1.0.4
v1.0.5
v1.0.6
v1.0.7
v1.0.8
v1.0.9
v1.1.0
v1.1.1
v1.2.0
v1.2.1
v1.3.0
v2.*
v2.0.0
v2.0.0-rc1
v2.0.0-rc2
v2.0.1
v2.1.0
v2.2.0
v2.2.0-beta
v2.2.0-rc1
v2.3.0
v2.3.0-beta
v2.3.0-rc1
v2.4.0
v2.4.0-beta
v2.4.0-rc1
v2.5.0
v2.5.0-beta
v2.5.0-rc1
v2.6.0
v2.6.0-beta
v2.6.0-rc1
v2.7.0
v2.7.0-beta
v2.7.0-rc1
v2.7.0-rc2
v2.7.1
v2.7.10
v2.7.12
v2.7.13
v2.7.14
v2.7.15
v2.7.16
v2.7.2
v2.7.3
v2.7.4
v2.7.5
v2.7.6
v2.7.7
v2.7.8
v2.7.9
v2.8.0
v2.8.0-beta
v2.8.0-rc1
v2.8.0-rc2
v2.8.1
v2.8.10
v2.8.11
v2.8.12
v2.8.2
v2.8.3
v2.8.4
v2.8.5
v2.8.6
v2.8.7
v2.8.8
v2.8.9
v2.9.0
v2.9.0-beta
v2.9.0-rc1
v2.9.0-rc2
v2.9.1
v2.9.2
v2.9.3
v2.9.4
v2.9.5
v2.9.6
v2.9.7
v2.9.8
v3.*
v3.0.0
v3.0.0-beta
v3.0.0-rc1
v3.0.0-rc2
v3.0.0-rc3
v3.0.0-rc4
v3.0.1
v3.0.2
v3.0.3
v3.0.4
v3.0.5
v3.0.6
v3.1.0
v3.1.0-beta
v3.1.0-rc1
v3.1.0-rc2
v3.1.1
v3.1.2

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-8642.json"