Search for packages
| purl | pkg:composer/moodle/moodle@2.7.16 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-v54t-5thx-1beu
Aliases: CVE-2016-8642 GHSA-x32v-7qw8-cpq8 |
Improper Access Control In Moodle 2.x and 3.x, the question engine allows access to files that should not be available. |
Affected by 1 other vulnerability. Affected by 1 other vulnerability. Affected by 1 other vulnerability. Affected by 2 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-vb67-yux5-ayhf | Weak Password Recovery Mechanism for Forgotten Password In Moodle, web service tokens are not invalidated when the user password is changed or forced to be changed. |
CVE-2016-7038
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-06-02T04:42:45.225947+00:00 | GitLab Importer | Affected by | VCID-v54t-5thx-1beu | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/moodle/moodle/CVE-2016-8642.yml | 38.6.0 |
| 2026-06-02T04:36:46.046842+00:00 | GitLab Importer | Fixing | VCID-vb67-yux5-ayhf | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/moodle/moodle/CVE-2016-7038.yml | 38.6.0 |