Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:composer/moodle/moodle@3.3.7
purl pkg:composer/moodle/moodle@3.3.7
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (3)
Vulnerability Summary Aliases
VCID-4rz2-b4e3-87g5 Injection Vulnerability When a quiz question bank is imported, it is possible for the question preview that is displayed to execute JavaScript that is written into the question bank. CVE-2018-10891
VCID-8mgr-gdzj-4ybs Information Exposure A flaw was found in Moodle. It is possible for the `core_course_get_categories` web service to return hidden categories, which should be omitted when fetching course categories. CVE-2018-10890
VCID-mmg3-7fz9-5uak Inclusion of Sensitive Information in Log Files A flaw was found in Moodle. No option exists to omit logs from data privacy exports, which may contain details of other users who interacted with the requester. CVE-2018-10889

Date Actor Action Vulnerability Source VulnerableCode Version
2026-06-02T04:37:59.928468+00:00 GitLab Importer Fixing VCID-8mgr-gdzj-4ybs https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/moodle/moodle/CVE-2018-10890.yml 38.6.0
2026-06-02T04:37:59.829963+00:00 GitLab Importer Fixing VCID-mmg3-7fz9-5uak https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/moodle/moodle/CVE-2018-10889.yml 38.6.0
2026-06-02T04:37:59.619138+00:00 GitLab Importer Fixing VCID-4rz2-b4e3-87g5 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/moodle/moodle/CVE-2018-10891.yml 38.6.0