Vulnerability Details CVE-2022-31157
LTI 1.3 Tool Library is a library used for building IMS-certified LTI 1.3 tool providers in PHP. Prior to version 5.0, the function used to generate random nonces was not sufficiently cryptographically complex. Users should upgrade to version 5.0 to receive a patch. There are currently no known workarounds.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 13.8%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2022-31157
-
cpe:2.3:a:packback:lti_1.3_tool_library:-
-
cpe:2.3:a:packback:lti_1.3_tool_library:1.0
-
cpe:2.3:a:packback:lti_1.3_tool_library:1.0.0
-
cpe:2.3:a:packback:lti_1.3_tool_library:1.1.1
-
cpe:2.3:a:packback:lti_1.3_tool_library:2.0.0
-
cpe:2.3:a:packback:lti_1.3_tool_library:2.0.1
-
cpe:2.3:a:packback:lti_1.3_tool_library:2.0.2
-
cpe:2.3:a:packback:lti_1.3_tool_library:2.0.3
-
cpe:2.3:a:packback:lti_1.3_tool_library:3.0.0
-
cpe:2.3:a:packback:lti_1.3_tool_library:3.0.1
-
cpe:2.3:a:packback:lti_1.3_tool_library:3.0.2
-
cpe:2.3:a:packback:lti_1.3_tool_library:3.0.3
-
cpe:2.3:a:packback:lti_1.3_tool_library:4.0.0
-
cpe:2.3:a:packback:lti_1.3_tool_library:4.1.0
-
cpe:2.3:a:packback:lti_1.3_tool_library:4.1.1
-
cpe:2.3:a:packback:lti_1.3_tool_library:4.1.2
-
cpe:2.3:a:packback:lti_1.3_tool_library:4.1.3