VulnerableCode Package Details - pkg:composer/moodle/moodle@3.3.2

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:composer/moodle/moodle@3.3.2

Essentials
History (5)

purl	pkg:composer/moodle/moodle@3.3.2

Next non-vulnerable version	3.3.6
Latest non-vulnerable version	5.1.2
Risk

Vulnerabilities affecting this package (2)

Vulnerability	Summary	Fixed by
VCID-83kb-4mk9-t7ge Aliases: CVE-2017-15110	Information Exposure Students can find out email addresses of other students in the same course. Using search on the Participants page, students could search email addresses of all participants regardless of email visibility. This allows enumerating and guessing emails of other students.	3.3.3 Affected by 4 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-zgzm-wj81-jkah Aliases: CVE-2017-12156	Cross-site Scripting Moodle has an XSS in the contact form on the "non-respondents" page in non-anonymous feedback.	3.3.3 Affected by 4 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (3)

Vulnerability	Summary	Aliases
VCID-9nd7-4wve-97hc	Information Exposure Various course reports allow teachers to view details about users in the groups they cannot access.	CVE-2017-12157
VCID-q2fa-jymp-c3bb	Information Exposure Moodle has a user fullname disclosure through the user preferences page.	CVE-2017-2642
VCID-yp82-zj5g-pbaf	Improper Privilege Management Course creators are able to change system default settings for courses.	CVE-2017-7532

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-02T04:37:21.594608+00:00	GitLab Importer	Affected by	VCID-83kb-4mk9-t7ge	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/moodle/moodle/CVE-2017-15110.yml	38.6.0
2026-06-02T04:37:05.046559+00:00	GitLab Importer	Fixing	VCID-9nd7-4wve-97hc	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/moodle/moodle/CVE-2017-12157.yml	38.6.0
2026-06-02T04:37:04.879687+00:00	GitLab Importer	Affected by	VCID-zgzm-wj81-jkah	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/moodle/moodle/CVE-2017-12156.yml	38.6.0
2026-06-02T04:36:58.281492+00:00	GitLab Importer	Fixing	VCID-q2fa-jymp-c3bb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/moodle/moodle/CVE-2017-2642.yml	38.6.0
2026-06-02T04:36:57.903401+00:00	GitLab Importer	Fixing	VCID-yp82-zj5g-pbaf	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/moodle/moodle/CVE-2017-7532.yml	38.6.0