Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:composer/moodle/moodle@1.7.0
purl pkg:composer/moodle/moodle@1.7.0
Tags Ghost
Next non-vulnerable version 4.5.9
Latest non-vulnerable version 5.1.2
Risk 3.1
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-6ed1-up33-77ex
Aliases:
CVE-2008-5153
GHSA-x7r4-26m9-hmgq
Moodle vulnerable to symlink attack `spell-check-logic.cgi` in Moodle 1.9 before 1.9.4, 1.8 before 1.8.8, 1.7 before 1.7.7 and 1.6 before 1.6.9 allows local users to overwrite arbitrary files via a symlink attack on the (1) `/tmp/spell-check-debug.log`, (2) `/tmp/spell-check-before`, or (3) `/tmp/spell-check-after` temporary file.
1.7.7
Affected by 0 other vulnerabilities.
1.8.8
Affected by 0 other vulnerabilities.
1.9.4
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-04T14:31:18.208717+00:00 GHSA Importer Affected by VCID-6ed1-up33-77ex https://github.com/advisories/GHSA-x7r4-26m9-hmgq 38.1.0
2026-04-03T21:25:56.333093+00:00 GitLab Importer Affected by VCID-6ed1-up33-77ex https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/moodle/moodle/CVE-2008-5153.yml 38.1.0