Search for packages
| purl | pkg:composer/moodle/moodle@2.7.19 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-2dxb-v1af-jbax | Cross-Site Request Forgery (CSRF) A CSRF attack is possible that allows attackers to change the "number of courses displayed in the course overview block" configuration setting. |
CVE-2017-7491
|
| VCID-5rbf-4dz3-2qdz | Improper Privilege Management Remote authenticated users can take ownership of arbitrary blogs by editing an external blog link. |
CVE-2017-7489
|
| VCID-dhku-uah4-ykh8 | SQL Injection An SQL injection can occur via user preferences. |
CVE-2017-2641
|
| VCID-vtq4-fpr8-hudb | Exposure of Resource to Wrong Sphere In Moodle, searching of arbitrary blogs is possible because a capability check is missing. |
CVE-2017-7490
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-06-02T04:36:54.145894+00:00 | GitLab Importer | Fixing | VCID-5rbf-4dz3-2qdz | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/moodle/moodle/CVE-2017-7489.yml | 38.6.0 |
| 2026-06-02T04:36:53.998687+00:00 | GitLab Importer | Fixing | VCID-2dxb-v1af-jbax | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/moodle/moodle/CVE-2017-7491.yml | 38.6.0 |
| 2026-06-02T04:36:53.865589+00:00 | GitLab Importer | Fixing | VCID-vtq4-fpr8-hudb | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/moodle/moodle/CVE-2017-7490.yml | 38.6.0 |
| 2026-06-02T04:36:49.650084+00:00 | GitLab Importer | Fixing | VCID-dhku-uah4-ykh8 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/moodle/moodle/CVE-2017-2641.yml | 38.6.0 |