Search for packages
| purl | pkg:composer/moodle/moodle@2.3.3 |
| Tags | Ghost |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-hxhr-sxkm-nka6
Aliases: CVE-2012-6099 GHSA-cr78-rphw-w73p |
Improper Input Validation The moodle1 backup converter in backup/converter/moodle1/lib.php in Moodle 2.1.x before 2.1.10, 2.2.x before 2.2.7, 2.3.x before 2.3.4, and 2.4.x before 2.4.1 does not properly validate pathnames, which allows remote authenticated users to read arbitrary files by leveraging the backup-restoration feature. |
Affected by 242 other vulnerabilities.
This version is affected by these other vulnerabilities:
Affected by 245 other vulnerabilities.
This version is affected by these other vulnerabilities:
|
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T16:01:15.778893+00:00 | GHSA Importer | Fixing | VCID-uhws-64fm-hybk | https://github.com/advisories/GHSA-mpjx-8phj-5m34 | 38.0.0 |
| 2026-04-01T16:01:14.007743+00:00 | GHSA Importer | Affected by | VCID-hxhr-sxkm-nka6 | https://github.com/advisories/GHSA-cr78-rphw-w73p | 38.0.0 |
| 2026-04-01T13:09:30.851015+00:00 | GithubOSV Importer | Fixing | VCID-uhws-64fm-hybk | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-mpjx-8phj-5m34/GHSA-mpjx-8phj-5m34.json | 38.0.0 |
| 2026-04-01T12:50:17.462676+00:00 | GitLab Importer | Affected by | VCID-hxhr-sxkm-nka6 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/moodle/moodle/CVE-2012-6099.yml | 38.0.0 |
| 2026-04-01T12:50:10.640653+00:00 | GitLab Importer | Fixing | VCID-uhws-64fm-hybk | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/moodle/moodle/CVE-2012-5471.yml | 38.0.0 |