Search for packages
| purl | pkg:composer/moodle/moodle@2.6.5 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-rdfn-52p2-afa7
Aliases: CVE-2014-7845 GHSA-9v64-447r-wch6 |
Moodle Temporary Passwords are Brute Force-able The generate_password function in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 does not provide a sufficient number of possible temporary passwords, which allows remote attackers to obtain access via a brute-force attack. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-hck4-emsr-q7dc | Moodle allows discovery of an author's username The forum_print_latest_discussions function in mod/forum/lib.php in Moodle through 2.4.11, 2.5.x before 2.5.8, 2.6.x before 2.6.5, and 2.7.x before 2.7.2 allows remote authenticated users to bypass the individual answer-posting requirement without the mod/forum:viewqandawithoutposting capability, and discover an author's username, by leveraging the student role and visiting a Q&A forum. |
CVE-2014-3617
GHSA-p5j7-26wj-423j |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-06-02T04:42:59.229553+00:00 | GitLab Importer | Fixing | VCID-hck4-emsr-q7dc | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/moodle/moodle/CVE-2014-3617.yml | 38.6.0 |
| 2026-06-02T04:42:47.223375+00:00 | GitLab Importer | Affected by | VCID-rdfn-52p2-afa7 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/moodle/moodle/CVE-2014-7845.yml | 38.6.0 |