| 0 |
| url |
VCID-1efm-18zh-w7gm |
| vulnerability_id |
VCID-1efm-18zh-w7gm |
| summary |
Moodle exposed the names of hidden groups to users who had permission to create calendar events but not to view hidden groups. This could reveal private or restricted group information. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-62400, GHSA-422v-w6c5-vq42
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1efm-18zh-w7gm |
|
| 1 |
| url |
VCID-21mq-pewz-ekdt |
| vulnerability_id |
VCID-21mq-pewz-ekdt |
| summary |
Moodle Cross-site Scripting vulnerability
A flaw was found in moodle. Insufficient sanitizing of data when performing a restore could result in a cross-site scripting (XSS) risk from malicious backup files. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://bugzilla.redhat.com/show_bug.cgi?id=2304266 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.4 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N |
|
| 1 |
| value |
1.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U |
|
| 2 |
| value |
LOW |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-11T14:28:15Z/ |
|
|
| url |
https://bugzilla.redhat.com/show_bug.cgi?id=2304266 |
|
| 3 |
| reference_url |
https://github.com/moodle/moodle |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.4 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N |
|
| 1 |
| value |
1.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U |
|
| 2 |
| value |
LOW |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/moodle/moodle |
|
| 4 |
| reference_url |
https://moodle.org/mod/forum/discuss.php?d=461207 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.4 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N |
|
| 1 |
| value |
1.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U |
|
| 2 |
| value |
LOW |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-11T14:28:15Z/ |
|
|
| url |
https://moodle.org/mod/forum/discuss.php?d=461207 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.6 |
| purl |
pkg:composer/moodle/moodle@4.3.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 5 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 6 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 7 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 8 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 9 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 10 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 11 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 12 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 13 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 14 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 15 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 16 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 17 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 18 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 19 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 20 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 21 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 22 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 23 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 24 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 25 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 26 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 27 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 28 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 29 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 30 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 31 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 32 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 33 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 34 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 35 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.6 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@4.4.2 |
| purl |
pkg:composer/moodle/moodle@4.4.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 5 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 6 |
| vulnerability |
VCID-44zf-1dw7-qkf5 |
|
| 7 |
| vulnerability |
VCID-4zvp-nmrk-4qbq |
|
| 8 |
| vulnerability |
VCID-5snb-dyv3-efe9 |
|
| 9 |
| vulnerability |
VCID-5xhb-mx3v-fuhs |
|
| 10 |
| vulnerability |
VCID-61ry-zz34-8qhj |
|
| 11 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 12 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 13 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 14 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 15 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 16 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 17 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 18 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 19 |
| vulnerability |
VCID-dr5e-6s1a-6uas |
|
| 20 |
| vulnerability |
VCID-f1da-1duc-2uhb |
|
| 21 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 22 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 23 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 24 |
| vulnerability |
VCID-hufb-p6pa-63c9 |
|
| 25 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 26 |
| vulnerability |
VCID-jjsw-9p4b-m3e5 |
|
| 27 |
| vulnerability |
VCID-kwhy-pkt9-1kfe |
|
| 28 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 29 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 30 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 31 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 32 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 33 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 34 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 35 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 36 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 37 |
| vulnerability |
VCID-wby4-h9ud-1yh5 |
|
| 38 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 39 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 40 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 41 |
| vulnerability |
VCID-yby1-g45r-rugg |
|
| 42 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 43 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 44 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 45 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 46 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.2 |
|
|
| aliases |
CVE-2024-43437, GHSA-4hjf-6pxr-549h
|
| risk_score |
2.5 |
| exploitability |
0.5 |
| weighted_severity |
4.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-21mq-pewz-ekdt |
|
| 2 |
| url |
VCID-24bp-c9yc-gua4 |
| vulnerability_id |
VCID-24bp-c9yc-gua4 |
| summary |
Moodle Exposure of Sensitive Information to an Unauthorized Actor vulnerability
H5P metadata automatically populated the author with the user's username, which could be sensitive information. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://bugzilla.redhat.com/show_bug.cgi?id=2243444 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
3.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T19:58:29Z/ |
|
|
| url |
https://bugzilla.redhat.com/show_bug.cgi?id=2243444 |
|
| 3 |
|
| 4 |
|
| 5 |
| reference_url |
https://moodle.org/mod/forum/discuss.php?d=451586 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
3.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T19:58:29Z/ |
|
|
| url |
https://moodle.org/mod/forum/discuss.php?d=451586 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@4.2.3 |
| purl |
pkg:composer/moodle/moodle@4.2.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 1 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 2 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 3 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 4 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 5 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 6 |
| vulnerability |
VCID-5ba5-pee7-6kh1 |
|
| 7 |
| vulnerability |
VCID-5s33-v19s-sqd6 |
|
| 8 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 9 |
| vulnerability |
VCID-6726-ca8y-4uez |
|
| 10 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 11 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 12 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 13 |
| vulnerability |
VCID-893t-9cja-43g2 |
|
| 14 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 15 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 16 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 17 |
| vulnerability |
VCID-b3vw-8hzh-dybx |
|
| 18 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 19 |
| vulnerability |
VCID-dp61-6ban-cyda |
|
| 20 |
| vulnerability |
VCID-evef-t6cx-vqcc |
|
| 21 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 22 |
| vulnerability |
VCID-gycn-bey2-4yam |
|
| 23 |
| vulnerability |
VCID-hmuw-bjax-37bz |
|
| 24 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 25 |
| vulnerability |
VCID-jkyc-esnt-p3ay |
|
| 26 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 27 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 28 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 29 |
| vulnerability |
VCID-mhh7-n7ut-hkh6 |
|
| 30 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 31 |
| vulnerability |
VCID-ms4e-v5zc-9kgc |
|
| 32 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 33 |
| vulnerability |
VCID-qabh-bpmn-1ye5 |
|
| 34 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 35 |
| vulnerability |
VCID-r1ug-e8x6-83gt |
|
| 36 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 37 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 38 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 39 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 40 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 41 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 42 |
| vulnerability |
VCID-umd1-pmr4-4bgs |
|
| 43 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 44 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 45 |
| vulnerability |
VCID-y4g2-328f-qbge |
|
| 46 |
| vulnerability |
VCID-yc6t-am1p-x3ev |
|
| 47 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 48 |
| vulnerability |
VCID-ytd5-2swj-wkh1 |
|
| 49 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 50 |
| vulnerability |
VCID-ztjp-76rp-hfhk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.3 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.0-rc2 |
| purl |
pkg:composer/moodle/moodle@4.3.0-rc2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 5 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 6 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 7 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 8 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 9 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 10 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 11 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 12 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 13 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 14 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 15 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 16 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 17 |
| vulnerability |
VCID-dp61-6ban-cyda |
|
| 18 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 19 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 20 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 21 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 22 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 23 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 24 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 25 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 26 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 27 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 28 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 29 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 30 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 31 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 32 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 33 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 34 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 35 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 36 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 37 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 38 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 39 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 40 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 41 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 42 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 43 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 44 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 45 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 46 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.0-rc2 |
|
|
| aliases |
CVE-2023-5545, GHSA-26fg-v32r-h663
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-24bp-c9yc-gua4 |
|
| 3 |
| url |
VCID-2urf-d2qr-abdy |
| vulnerability_id |
VCID-2urf-d2qr-abdy |
| summary |
Moodle Lesson activity password bypass through PHP loose comparison
A flaw was found in Moodle. When restricting access to a lesson activity with a password, certain passwords could be bypassed or less secure due to a loose comparison in the password-checking logic. This issue only affected passwords set to "magic hash" values. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://bugzilla.redhat.com/show_bug.cgi?id=2309940 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.4 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N |
|
| 1 |
| value |
6.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T19:17:16Z/ |
|
|
| url |
https://bugzilla.redhat.com/show_bug.cgi?id=2309940 |
|
| 2 |
| reference_url |
https://github.com/moodle/moodle |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.4 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N |
|
| 1 |
| value |
6.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/moodle/moodle |
|
| 3 |
|
| 4 |
|
| 5 |
| reference_url |
https://moodle.org/security |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.4 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N |
|
| 1 |
| value |
6.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://moodle.org/security |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.7 |
| purl |
pkg:composer/moodle/moodle@4.3.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 5 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 6 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 7 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 8 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 9 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 10 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 11 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 12 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 13 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 14 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 15 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 16 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 17 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 18 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 19 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 20 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 21 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 22 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 23 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 24 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 25 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 26 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 27 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 28 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 29 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 30 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 31 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 32 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.7 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@4.4.3 |
| purl |
pkg:composer/moodle/moodle@4.4.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 5 |
| vulnerability |
VCID-44zf-1dw7-qkf5 |
|
| 6 |
| vulnerability |
VCID-4zvp-nmrk-4qbq |
|
| 7 |
| vulnerability |
VCID-5snb-dyv3-efe9 |
|
| 8 |
| vulnerability |
VCID-5xhb-mx3v-fuhs |
|
| 9 |
| vulnerability |
VCID-61ry-zz34-8qhj |
|
| 10 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 11 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 12 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 13 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 14 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 15 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 16 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 17 |
| vulnerability |
VCID-dr5e-6s1a-6uas |
|
| 18 |
| vulnerability |
VCID-f1da-1duc-2uhb |
|
| 19 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 20 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 21 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 22 |
| vulnerability |
VCID-hufb-p6pa-63c9 |
|
| 23 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 24 |
| vulnerability |
VCID-kwhy-pkt9-1kfe |
|
| 25 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 26 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 27 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 28 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 29 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 30 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 31 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 32 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 33 |
| vulnerability |
VCID-wby4-h9ud-1yh5 |
|
| 34 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 35 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 36 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 37 |
| vulnerability |
VCID-yby1-g45r-rugg |
|
| 38 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 39 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 40 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 41 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 42 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.3 |
|
|
| aliases |
CVE-2024-45691, GHSA-xfv7-h2qg-rjm7
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-2urf-d2qr-abdy |
|
| 4 |
| url |
VCID-2wsu-7rzh-h7cs |
| vulnerability_id |
VCID-2wsu-7rzh-h7cs |
| summary |
Moodle has user information visibility control issues in gradebook reports
A flaw was found in moodle. Some hidden user profile fields are visible in gradebook reports, which could result in users without the "view hidden user fields" capability having access to the information. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://bugzilla.redhat.com/show_bug.cgi?id=2304257 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
2.7 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U |
|
| 2 |
| value |
LOW |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-12T15:15:16Z/ |
|
|
| url |
https://bugzilla.redhat.com/show_bug.cgi?id=2304257 |
|
| 3 |
| reference_url |
https://github.com/moodle/moodle |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
2.7 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U |
|
| 2 |
| value |
LOW |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/moodle/moodle |
|
| 4 |
| reference_url |
https://moodle.org/mod/forum/discuss.php?d=461197 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
2.7 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U |
|
| 2 |
| value |
LOW |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-12T15:15:16Z/ |
|
|
| url |
https://moodle.org/mod/forum/discuss.php?d=461197 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.6 |
| purl |
pkg:composer/moodle/moodle@4.3.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 5 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 6 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 7 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 8 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 9 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 10 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 11 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 12 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 13 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 14 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 15 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 16 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 17 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 18 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 19 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 20 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 21 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 22 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 23 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 24 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 25 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 26 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 27 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 28 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 29 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 30 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 31 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 32 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 33 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 34 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 35 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.6 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@4.4.2 |
| purl |
pkg:composer/moodle/moodle@4.4.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 5 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 6 |
| vulnerability |
VCID-44zf-1dw7-qkf5 |
|
| 7 |
| vulnerability |
VCID-4zvp-nmrk-4qbq |
|
| 8 |
| vulnerability |
VCID-5snb-dyv3-efe9 |
|
| 9 |
| vulnerability |
VCID-5xhb-mx3v-fuhs |
|
| 10 |
| vulnerability |
VCID-61ry-zz34-8qhj |
|
| 11 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 12 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 13 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 14 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 15 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 16 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 17 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 18 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 19 |
| vulnerability |
VCID-dr5e-6s1a-6uas |
|
| 20 |
| vulnerability |
VCID-f1da-1duc-2uhb |
|
| 21 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 22 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 23 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 24 |
| vulnerability |
VCID-hufb-p6pa-63c9 |
|
| 25 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 26 |
| vulnerability |
VCID-jjsw-9p4b-m3e5 |
|
| 27 |
| vulnerability |
VCID-kwhy-pkt9-1kfe |
|
| 28 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 29 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 30 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 31 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 32 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 33 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 34 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 35 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 36 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 37 |
| vulnerability |
VCID-wby4-h9ud-1yh5 |
|
| 38 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 39 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 40 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 41 |
| vulnerability |
VCID-yby1-g45r-rugg |
|
| 42 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 43 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 44 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 45 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 46 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.2 |
|
|
| aliases |
CVE-2024-43429, GHSA-c767-4whh-v7rw
|
| risk_score |
2.4 |
| exploitability |
0.5 |
| weighted_severity |
4.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-2wsu-7rzh-h7cs |
|
| 5 |
| url |
VCID-3nu2-1cwj-sfdd |
| vulnerability_id |
VCID-3nu2-1cwj-sfdd |
| summary |
Moodle BigBlueButton web service leaks meeting joining information
Insufficient capability checks meant it was possible for users to gain access to BigBlueButton join URLs they did not have permission to access. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/moodle/moodle |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/moodle/moodle |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
| reference_url |
https://moodle.org/mod/forum/discuss.php?d=459498 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
5.4 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L |
|
| 2 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 3 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 4 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-20T18:54:37Z/ |
|
|
| url |
https://moodle.org/mod/forum/discuss.php?d=459498 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@4.2.8 |
| purl |
pkg:composer/moodle/moodle@4.2.8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 1 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 2 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 3 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 4 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 5 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 6 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 7 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 8 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 9 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 10 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 11 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 12 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 13 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 14 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 15 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 16 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 17 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 18 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 19 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 20 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 21 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 22 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 23 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 24 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 25 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 26 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.8 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.5 |
| purl |
pkg:composer/moodle/moodle@4.3.5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 4 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 5 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 6 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 7 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 8 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 9 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 10 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 11 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 12 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 13 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 14 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 15 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 16 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 17 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 18 |
| vulnerability |
VCID-cjvx-m4xg-p7hb |
|
| 19 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 20 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 21 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 22 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 23 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 24 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 25 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 26 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 27 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 28 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 29 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 30 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 31 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 32 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 33 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 34 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 35 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 36 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 37 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 38 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 39 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 40 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 41 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 42 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 43 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 44 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 45 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 46 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 47 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 48 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 49 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 50 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.5 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@4.4.1 |
| purl |
pkg:composer/moodle/moodle@4.4.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 4 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 5 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 6 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 7 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 8 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 9 |
| vulnerability |
VCID-44zf-1dw7-qkf5 |
|
| 10 |
| vulnerability |
VCID-4zvp-nmrk-4qbq |
|
| 11 |
| vulnerability |
VCID-5snb-dyv3-efe9 |
|
| 12 |
| vulnerability |
VCID-5xhb-mx3v-fuhs |
|
| 13 |
| vulnerability |
VCID-61ry-zz34-8qhj |
|
| 14 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 15 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 16 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 17 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 18 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 19 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 20 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 21 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 22 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 23 |
| vulnerability |
VCID-cjvx-m4xg-p7hb |
|
| 24 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 25 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 26 |
| vulnerability |
VCID-dr5e-6s1a-6uas |
|
| 27 |
| vulnerability |
VCID-edb5-zwa3-mfam |
|
| 28 |
| vulnerability |
VCID-f1da-1duc-2uhb |
|
| 29 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 30 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 31 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 32 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 33 |
| vulnerability |
VCID-hufb-p6pa-63c9 |
|
| 34 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 35 |
| vulnerability |
VCID-jjsw-9p4b-m3e5 |
|
| 36 |
| vulnerability |
VCID-kwhy-pkt9-1kfe |
|
| 37 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 38 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 39 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 40 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 41 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 42 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 43 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 44 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 45 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 46 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 47 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 48 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 49 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 50 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 51 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 52 |
| vulnerability |
VCID-wby4-h9ud-1yh5 |
|
| 53 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 54 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 55 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 56 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 57 |
| vulnerability |
VCID-yby1-g45r-rugg |
|
| 58 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 59 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 60 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 61 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 62 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.1 |
|
|
| aliases |
CVE-2024-38273, GHSA-x29x-qwvx-fxr2
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-3nu2-1cwj-sfdd |
|
| 6 |
| url |
VCID-3nvq-s7y5-fufr |
| vulnerability_id |
VCID-3nvq-s7y5-fufr |
| summary |
Moodle reflected XSS via H5P error message
A flaw was found in moodle. H5P error messages require additional sanitizing to prevent a reflected cross-site scripting (XSS) risk. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.6 |
| purl |
pkg:composer/moodle/moodle@4.3.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 5 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 6 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 7 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 8 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 9 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 10 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 11 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 12 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 13 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 14 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 15 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 16 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 17 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 18 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 19 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 20 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 21 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 22 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 23 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 24 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 25 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 26 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 27 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 28 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 29 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 30 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 31 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 32 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 33 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 34 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 35 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.6 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@4.4.2 |
| purl |
pkg:composer/moodle/moodle@4.4.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 5 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 6 |
| vulnerability |
VCID-44zf-1dw7-qkf5 |
|
| 7 |
| vulnerability |
VCID-4zvp-nmrk-4qbq |
|
| 8 |
| vulnerability |
VCID-5snb-dyv3-efe9 |
|
| 9 |
| vulnerability |
VCID-5xhb-mx3v-fuhs |
|
| 10 |
| vulnerability |
VCID-61ry-zz34-8qhj |
|
| 11 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 12 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 13 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 14 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 15 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 16 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 17 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 18 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 19 |
| vulnerability |
VCID-dr5e-6s1a-6uas |
|
| 20 |
| vulnerability |
VCID-f1da-1duc-2uhb |
|
| 21 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 22 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 23 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 24 |
| vulnerability |
VCID-hufb-p6pa-63c9 |
|
| 25 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 26 |
| vulnerability |
VCID-jjsw-9p4b-m3e5 |
|
| 27 |
| vulnerability |
VCID-kwhy-pkt9-1kfe |
|
| 28 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 29 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 30 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 31 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 32 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 33 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 34 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 35 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 36 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 37 |
| vulnerability |
VCID-wby4-h9ud-1yh5 |
|
| 38 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 39 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 40 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 41 |
| vulnerability |
VCID-yby1-g45r-rugg |
|
| 42 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 43 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 44 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 45 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 46 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.2 |
|
|
| aliases |
CVE-2024-43439, GHSA-hjgc-jxjc-8v9j
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-3nvq-s7y5-fufr |
|
| 7 |
| url |
VCID-4c9d-jf9g-u3gn |
| vulnerability_id |
VCID-4c9d-jf9g-u3gn |
| summary |
Moodle Improper Access Control vulnerability
Insufficient web service capability checks made it possible to move categories a user had permission to manage, to a parent category they does not have the capability to manage. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://bugzilla.redhat.com/show_bug.cgi?id=2243451 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
3.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T18:16:10Z/ |
|
|
| url |
https://bugzilla.redhat.com/show_bug.cgi?id=2243451 |
|
| 3 |
|
| 4 |
|
| 5 |
| reference_url |
https://moodle.org/mod/forum/discuss.php?d=451590 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
3.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T18:16:10Z/ |
|
|
| url |
https://moodle.org/mod/forum/discuss.php?d=451590 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@4.2.3 |
| purl |
pkg:composer/moodle/moodle@4.2.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 1 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 2 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 3 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 4 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 5 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 6 |
| vulnerability |
VCID-5ba5-pee7-6kh1 |
|
| 7 |
| vulnerability |
VCID-5s33-v19s-sqd6 |
|
| 8 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 9 |
| vulnerability |
VCID-6726-ca8y-4uez |
|
| 10 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 11 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 12 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 13 |
| vulnerability |
VCID-893t-9cja-43g2 |
|
| 14 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 15 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 16 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 17 |
| vulnerability |
VCID-b3vw-8hzh-dybx |
|
| 18 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 19 |
| vulnerability |
VCID-dp61-6ban-cyda |
|
| 20 |
| vulnerability |
VCID-evef-t6cx-vqcc |
|
| 21 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 22 |
| vulnerability |
VCID-gycn-bey2-4yam |
|
| 23 |
| vulnerability |
VCID-hmuw-bjax-37bz |
|
| 24 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 25 |
| vulnerability |
VCID-jkyc-esnt-p3ay |
|
| 26 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 27 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 28 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 29 |
| vulnerability |
VCID-mhh7-n7ut-hkh6 |
|
| 30 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 31 |
| vulnerability |
VCID-ms4e-v5zc-9kgc |
|
| 32 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 33 |
| vulnerability |
VCID-qabh-bpmn-1ye5 |
|
| 34 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 35 |
| vulnerability |
VCID-r1ug-e8x6-83gt |
|
| 36 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 37 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 38 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 39 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 40 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 41 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 42 |
| vulnerability |
VCID-umd1-pmr4-4bgs |
|
| 43 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 44 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 45 |
| vulnerability |
VCID-y4g2-328f-qbge |
|
| 46 |
| vulnerability |
VCID-yc6t-am1p-x3ev |
|
| 47 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 48 |
| vulnerability |
VCID-ytd5-2swj-wkh1 |
|
| 49 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 50 |
| vulnerability |
VCID-ztjp-76rp-hfhk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.3 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.0-rc2 |
| purl |
pkg:composer/moodle/moodle@4.3.0-rc2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 5 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 6 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 7 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 8 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 9 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 10 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 11 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 12 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 13 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 14 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 15 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 16 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 17 |
| vulnerability |
VCID-dp61-6ban-cyda |
|
| 18 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 19 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 20 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 21 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 22 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 23 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 24 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 25 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 26 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 27 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 28 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 29 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 30 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 31 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 32 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 33 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 34 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 35 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 36 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 37 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 38 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 39 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 40 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 41 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 42 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 43 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 44 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 45 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 46 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.0-rc2 |
|
|
| aliases |
CVE-2023-5549, GHSA-fm5h-58g2-4m3f
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-4c9d-jf9g-u3gn |
|
| 8 |
| url |
VCID-4svp-grnb-2fh3 |
| vulnerability_id |
VCID-4svp-grnb-2fh3 |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://bugzilla.redhat.com/show_bug.cgi?id=2243445 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
5.4 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T19:14:29Z/ |
|
|
| url |
https://bugzilla.redhat.com/show_bug.cgi?id=2243445 |
|
| 3 |
|
| 4 |
|
| 5 |
| reference_url |
https://moodle.org/mod/forum/discuss.php?d=451587 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
5.4 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T19:14:29Z/ |
|
|
| url |
https://moodle.org/mod/forum/discuss.php?d=451587 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@4.2.3 |
| purl |
pkg:composer/moodle/moodle@4.2.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 1 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 2 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 3 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 4 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 5 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 6 |
| vulnerability |
VCID-5ba5-pee7-6kh1 |
|
| 7 |
| vulnerability |
VCID-5s33-v19s-sqd6 |
|
| 8 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 9 |
| vulnerability |
VCID-6726-ca8y-4uez |
|
| 10 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 11 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 12 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 13 |
| vulnerability |
VCID-893t-9cja-43g2 |
|
| 14 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 15 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 16 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 17 |
| vulnerability |
VCID-b3vw-8hzh-dybx |
|
| 18 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 19 |
| vulnerability |
VCID-dp61-6ban-cyda |
|
| 20 |
| vulnerability |
VCID-evef-t6cx-vqcc |
|
| 21 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 22 |
| vulnerability |
VCID-gycn-bey2-4yam |
|
| 23 |
| vulnerability |
VCID-hmuw-bjax-37bz |
|
| 24 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 25 |
| vulnerability |
VCID-jkyc-esnt-p3ay |
|
| 26 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 27 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 28 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 29 |
| vulnerability |
VCID-mhh7-n7ut-hkh6 |
|
| 30 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 31 |
| vulnerability |
VCID-ms4e-v5zc-9kgc |
|
| 32 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 33 |
| vulnerability |
VCID-qabh-bpmn-1ye5 |
|
| 34 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 35 |
| vulnerability |
VCID-r1ug-e8x6-83gt |
|
| 36 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 37 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 38 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 39 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 40 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 41 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 42 |
| vulnerability |
VCID-umd1-pmr4-4bgs |
|
| 43 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 44 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 45 |
| vulnerability |
VCID-y4g2-328f-qbge |
|
| 46 |
| vulnerability |
VCID-yc6t-am1p-x3ev |
|
| 47 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 48 |
| vulnerability |
VCID-ytd5-2swj-wkh1 |
|
| 49 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 50 |
| vulnerability |
VCID-ztjp-76rp-hfhk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.3 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.0-rc2 |
| purl |
pkg:composer/moodle/moodle@4.3.0-rc2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 5 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 6 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 7 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 8 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 9 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 10 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 11 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 12 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 13 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 14 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 15 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 16 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 17 |
| vulnerability |
VCID-dp61-6ban-cyda |
|
| 18 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 19 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 20 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 21 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 22 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 23 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 24 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 25 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 26 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 27 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 28 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 29 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 30 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 31 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 32 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 33 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 34 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 35 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 36 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 37 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 38 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 39 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 40 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 41 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 42 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 43 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 44 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 45 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 46 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.0-rc2 |
|
|
| aliases |
CVE-2023-5546, GHSA-9724-h8p7-r3jv
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-4svp-grnb-2fh3 |
|
| 9 |
| url |
VCID-5ba5-pee7-6kh1 |
| vulnerability_id |
VCID-5ba5-pee7-6kh1 |
| summary |
Moodle stored Cross-site Scripting (XSS)
Additional sanitizing was required when opening the equation editor to prevent a stored Cross-site Scripting (XSS) risk when editing another user's equation. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@4.2.7 |
| purl |
pkg:composer/moodle/moodle@4.2.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 1 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 2 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 3 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 4 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 5 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 6 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 7 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 8 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 9 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 10 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 11 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 12 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 13 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 14 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 15 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 16 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 17 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 18 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 19 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 20 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 21 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 22 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 23 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 24 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 25 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 26 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 27 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 28 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 29 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 30 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 31 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.7 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.4 |
| purl |
pkg:composer/moodle/moodle@4.3.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 4 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 5 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 6 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 7 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 8 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 9 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 10 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 11 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 12 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 13 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 14 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 15 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 16 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 17 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 18 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 19 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 20 |
| vulnerability |
VCID-cjvx-m4xg-p7hb |
|
| 21 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 22 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 23 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 24 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 25 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 26 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 27 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 28 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 29 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 30 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 31 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 32 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 33 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 34 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 35 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 36 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 37 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 38 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 39 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 40 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 41 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 42 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 43 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 44 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 45 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 46 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 47 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 48 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 49 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 50 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 51 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 52 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 53 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 54 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 55 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.4 |
|
|
| aliases |
CVE-2024-33997, GHSA-9qgq-93c7-9hm4
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-5ba5-pee7-6kh1 |
|
| 10 |
| url |
VCID-5s33-v19s-sqd6 |
| vulnerability_id |
VCID-5s33-v19s-sqd6 |
| summary |
Moodle Cross-site Scripting (XSS)
ID numbers displayed in the lesson overview report required additional sanitizing to prevent a stored XSS risk. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@4.2.7 |
| purl |
pkg:composer/moodle/moodle@4.2.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 1 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 2 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 3 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 4 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 5 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 6 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 7 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 8 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 9 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 10 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 11 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 12 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 13 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 14 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 15 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 16 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 17 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 18 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 19 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 20 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 21 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 22 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 23 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 24 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 25 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 26 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 27 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 28 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 29 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 30 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 31 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.7 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.4 |
| purl |
pkg:composer/moodle/moodle@4.3.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 4 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 5 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 6 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 7 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 8 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 9 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 10 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 11 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 12 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 13 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 14 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 15 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 16 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 17 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 18 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 19 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 20 |
| vulnerability |
VCID-cjvx-m4xg-p7hb |
|
| 21 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 22 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 23 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 24 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 25 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 26 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 27 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 28 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 29 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 30 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 31 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 32 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 33 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 34 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 35 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 36 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 37 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 38 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 39 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 40 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 41 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 42 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 43 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 44 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 45 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 46 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 47 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 48 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 49 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 50 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 51 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 52 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 53 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 54 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 55 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.4 |
|
|
| aliases |
CVE-2024-34000, GHSA-8qwh-4vwv-7c5m
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-5s33-v19s-sqd6 |
|
| 11 |
| url |
VCID-657g-68tv-dkam |
| vulnerability_id |
VCID-657g-68tv-dkam |
| summary |
Moodle TeX formula editor is vulnerable to DoS through lack of execution time limits
A Denial of Service vulnerability was identified in Moodle’s TeX formula editor. When rendering TeX content using mimetex, insufficient execution time limits could allow specially crafted formulas to consume excessive server resources. An authenticated user could abuse this behavior to degrade performance or cause service interruption. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2026-26047, GHSA-cg8j-5cr2-568q
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-657g-68tv-dkam |
|
| 12 |
| url |
VCID-6726-ca8y-4uez |
| vulnerability_id |
VCID-6726-ca8y-4uez |
| summary |
Improper Access Control in moodle
Separate Groups mode restrictions were not honored when performing a forum export, which would export forum data for all groups. By default this only provided additional access to non-editing teachers. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://bugzilla.redhat.com/show_bug.cgi?id=2264097 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T16:54:36Z/ |
|
|
| url |
https://bugzilla.redhat.com/show_bug.cgi?id=2264097 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
| reference_url |
https://moodle.org/mod/forum/discuss.php?d=455637 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T16:54:36Z/ |
|
|
| url |
https://moodle.org/mod/forum/discuss.php?d=455637 |
|
| 7 |
|
| 8 |
|
| 9 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@4.2.6 |
| purl |
pkg:composer/moodle/moodle@4.2.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 1 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 2 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 3 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 4 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 5 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 6 |
| vulnerability |
VCID-5ba5-pee7-6kh1 |
|
| 7 |
| vulnerability |
VCID-5s33-v19s-sqd6 |
|
| 8 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 9 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 10 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 11 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 12 |
| vulnerability |
VCID-893t-9cja-43g2 |
|
| 13 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 14 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 15 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 16 |
| vulnerability |
VCID-b3vw-8hzh-dybx |
|
| 17 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 18 |
| vulnerability |
VCID-dp61-6ban-cyda |
|
| 19 |
| vulnerability |
VCID-evef-t6cx-vqcc |
|
| 20 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 21 |
| vulnerability |
VCID-hmuw-bjax-37bz |
|
| 22 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 23 |
| vulnerability |
VCID-jkyc-esnt-p3ay |
|
| 24 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 25 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 26 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 27 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 28 |
| vulnerability |
VCID-ms4e-v5zc-9kgc |
|
| 29 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 30 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 31 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 32 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 33 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 34 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 35 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 36 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 37 |
| vulnerability |
VCID-umd1-pmr4-4bgs |
|
| 38 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 39 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 40 |
| vulnerability |
VCID-y4g2-328f-qbge |
|
| 41 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 42 |
| vulnerability |
VCID-ytd5-2swj-wkh1 |
|
| 43 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.6 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.3 |
| purl |
pkg:composer/moodle/moodle@4.3.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 4 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 5 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 6 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 7 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 8 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 9 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 10 |
| vulnerability |
VCID-5ba5-pee7-6kh1 |
|
| 11 |
| vulnerability |
VCID-5s33-v19s-sqd6 |
|
| 12 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 13 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 14 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 15 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 16 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 17 |
| vulnerability |
VCID-84hx-be7m-pfa1 |
|
| 18 |
| vulnerability |
VCID-893t-9cja-43g2 |
|
| 19 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 20 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 21 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 22 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 23 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 24 |
| vulnerability |
VCID-b3vw-8hzh-dybx |
|
| 25 |
| vulnerability |
VCID-cjvx-m4xg-p7hb |
|
| 26 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 27 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 28 |
| vulnerability |
VCID-dp61-6ban-cyda |
|
| 29 |
| vulnerability |
VCID-evef-t6cx-vqcc |
|
| 30 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 31 |
| vulnerability |
VCID-fz5m-54ja-sbg4 |
|
| 32 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 33 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 34 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 35 |
| vulnerability |
VCID-hmuw-bjax-37bz |
|
| 36 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 37 |
| vulnerability |
VCID-jdpb-f21j-tqa4 |
|
| 38 |
| vulnerability |
VCID-jkyc-esnt-p3ay |
|
| 39 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 40 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 41 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 42 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 43 |
| vulnerability |
VCID-ms4e-v5zc-9kgc |
|
| 44 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 45 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 46 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 47 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 48 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 49 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 50 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 51 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 52 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 53 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 54 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 55 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 56 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 57 |
| vulnerability |
VCID-umd1-pmr4-4bgs |
|
| 58 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 59 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 60 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 61 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 62 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 63 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 64 |
| vulnerability |
VCID-y4g2-328f-qbge |
|
| 65 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 66 |
| vulnerability |
VCID-ytd5-2swj-wkh1 |
|
| 67 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 68 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 69 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 70 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.3 |
|
|
| aliases |
CVE-2024-25981, GHSA-jfrg-9hpq-9hvp
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6726-ca8y-4uez |
|
| 13 |
| url |
VCID-6p1s-2r14-z7ax |
| vulnerability_id |
VCID-6p1s-2r14-z7ax |
| summary |
Moodle admin presets export tool includes some secrets that should not be exported
A flaw was found in moodle. When creating an export of site administration presets, some sensitive secrets and keys are not being excluded from the export, which could result in them unintentionally being leaked if the presets are shared with a third party. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://bugzilla.redhat.com/show_bug.cgi?id=2304255 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
3.7 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
1.7 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U |
|
| 2 |
| value |
LOW |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-12T15:02:44Z/ |
|
|
| url |
https://bugzilla.redhat.com/show_bug.cgi?id=2304255 |
|
| 3 |
| reference_url |
https://github.com/moodle/moodle |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
3.7 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
1.7 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U |
|
| 2 |
| value |
LOW |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/moodle/moodle |
|
| 4 |
| reference_url |
https://moodle.org/mod/forum/discuss.php?d=461195 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
3.7 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
1.7 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U |
|
| 2 |
| value |
LOW |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-12T15:02:44Z/ |
|
|
| url |
https://moodle.org/mod/forum/discuss.php?d=461195 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.6 |
| purl |
pkg:composer/moodle/moodle@4.3.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 5 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 6 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 7 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 8 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 9 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 10 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 11 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 12 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 13 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 14 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 15 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 16 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 17 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 18 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 19 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 20 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 21 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 22 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 23 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 24 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 25 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 26 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 27 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 28 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 29 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 30 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 31 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 32 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 33 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 34 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 35 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.6 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@4.4.2 |
| purl |
pkg:composer/moodle/moodle@4.4.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 5 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 6 |
| vulnerability |
VCID-44zf-1dw7-qkf5 |
|
| 7 |
| vulnerability |
VCID-4zvp-nmrk-4qbq |
|
| 8 |
| vulnerability |
VCID-5snb-dyv3-efe9 |
|
| 9 |
| vulnerability |
VCID-5xhb-mx3v-fuhs |
|
| 10 |
| vulnerability |
VCID-61ry-zz34-8qhj |
|
| 11 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 12 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 13 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 14 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 15 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 16 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 17 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 18 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 19 |
| vulnerability |
VCID-dr5e-6s1a-6uas |
|
| 20 |
| vulnerability |
VCID-f1da-1duc-2uhb |
|
| 21 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 22 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 23 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 24 |
| vulnerability |
VCID-hufb-p6pa-63c9 |
|
| 25 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 26 |
| vulnerability |
VCID-jjsw-9p4b-m3e5 |
|
| 27 |
| vulnerability |
VCID-kwhy-pkt9-1kfe |
|
| 28 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 29 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 30 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 31 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 32 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 33 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 34 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 35 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 36 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 37 |
| vulnerability |
VCID-wby4-h9ud-1yh5 |
|
| 38 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 39 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 40 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 41 |
| vulnerability |
VCID-yby1-g45r-rugg |
|
| 42 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 43 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 44 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 45 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 46 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.2 |
|
|
| aliases |
CVE-2024-43427, GHSA-vpq5-56jj-vf2m
|
| risk_score |
1.6 |
| exploitability |
0.5 |
| weighted_severity |
3.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6p1s-2r14-z7ax |
|
| 14 |
| url |
VCID-7p54-yn8k-aydw |
| vulnerability_id |
VCID-7p54-yn8k-aydw |
| summary |
Moodle Remote Code Execution vulnerability
A flaw was found in Moodle. Additional restrictions are required to avoid a remote code execution risk in calculated question types. Note: This requires the capability to add/update questions. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://bugzilla.redhat.com/show_bug.cgi?id=2304253 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
8.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
7.2 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-07T14:41:20Z/ |
|
|
| url |
https://bugzilla.redhat.com/show_bug.cgi?id=2304253 |
|
| 3 |
| reference_url |
https://github.com/moodle/moodle |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
8.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
7.2 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/moodle/moodle |
|
| 4 |
| reference_url |
https://moodle.org/mod/forum/discuss.php?d=461193 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
8.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
7.2 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-07T14:41:20Z/ |
|
|
| url |
https://moodle.org/mod/forum/discuss.php?d=461193 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.6 |
| purl |
pkg:composer/moodle/moodle@4.3.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 5 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 6 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 7 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 8 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 9 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 10 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 11 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 12 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 13 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 14 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 15 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 16 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 17 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 18 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 19 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 20 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 21 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 22 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 23 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 24 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 25 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 26 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 27 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 28 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 29 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 30 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 31 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 32 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 33 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 34 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 35 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.6 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@4.4.2 |
| purl |
pkg:composer/moodle/moodle@4.4.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 5 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 6 |
| vulnerability |
VCID-44zf-1dw7-qkf5 |
|
| 7 |
| vulnerability |
VCID-4zvp-nmrk-4qbq |
|
| 8 |
| vulnerability |
VCID-5snb-dyv3-efe9 |
|
| 9 |
| vulnerability |
VCID-5xhb-mx3v-fuhs |
|
| 10 |
| vulnerability |
VCID-61ry-zz34-8qhj |
|
| 11 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 12 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 13 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 14 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 15 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 16 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 17 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 18 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 19 |
| vulnerability |
VCID-dr5e-6s1a-6uas |
|
| 20 |
| vulnerability |
VCID-f1da-1duc-2uhb |
|
| 21 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 22 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 23 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 24 |
| vulnerability |
VCID-hufb-p6pa-63c9 |
|
| 25 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 26 |
| vulnerability |
VCID-jjsw-9p4b-m3e5 |
|
| 27 |
| vulnerability |
VCID-kwhy-pkt9-1kfe |
|
| 28 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 29 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 30 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 31 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 32 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 33 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 34 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 35 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 36 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 37 |
| vulnerability |
VCID-wby4-h9ud-1yh5 |
|
| 38 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 39 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 40 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 41 |
| vulnerability |
VCID-yby1-g45r-rugg |
|
| 42 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 43 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 44 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 45 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 46 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.2 |
|
|
| aliases |
CVE-2024-43425, GHSA-v6f4-v8h8-3c87
|
| risk_score |
10.0 |
| exploitability |
2.0 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7p54-yn8k-aydw |
|
| 15 |
| url |
VCID-7rqc-eepq-43ds |
| vulnerability_id |
VCID-7rqc-eepq-43ds |
| summary |
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
A remote code execution risk was identified in the IMSCP activity. By default this was only available to teachers and managers. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://bugzilla.redhat.com/show_bug.cgi?id=2243432 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.7 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L |
|
| 1 |
| value |
8.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-22T20:12:01Z/ |
|
|
| url |
https://bugzilla.redhat.com/show_bug.cgi?id=2243432 |
|
| 3 |
|
| 4 |
|
| 5 |
| reference_url |
https://moodle.org/mod/forum/discuss.php?d=451581 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.7 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L |
|
| 1 |
| value |
8.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-22T20:12:01Z/ |
|
|
| url |
https://moodle.org/mod/forum/discuss.php?d=451581 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@4.2.3 |
| purl |
pkg:composer/moodle/moodle@4.2.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 1 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 2 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 3 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 4 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 5 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 6 |
| vulnerability |
VCID-5ba5-pee7-6kh1 |
|
| 7 |
| vulnerability |
VCID-5s33-v19s-sqd6 |
|
| 8 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 9 |
| vulnerability |
VCID-6726-ca8y-4uez |
|
| 10 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 11 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 12 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 13 |
| vulnerability |
VCID-893t-9cja-43g2 |
|
| 14 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 15 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 16 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 17 |
| vulnerability |
VCID-b3vw-8hzh-dybx |
|
| 18 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 19 |
| vulnerability |
VCID-dp61-6ban-cyda |
|
| 20 |
| vulnerability |
VCID-evef-t6cx-vqcc |
|
| 21 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 22 |
| vulnerability |
VCID-gycn-bey2-4yam |
|
| 23 |
| vulnerability |
VCID-hmuw-bjax-37bz |
|
| 24 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 25 |
| vulnerability |
VCID-jkyc-esnt-p3ay |
|
| 26 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 27 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 28 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 29 |
| vulnerability |
VCID-mhh7-n7ut-hkh6 |
|
| 30 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 31 |
| vulnerability |
VCID-ms4e-v5zc-9kgc |
|
| 32 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 33 |
| vulnerability |
VCID-qabh-bpmn-1ye5 |
|
| 34 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 35 |
| vulnerability |
VCID-r1ug-e8x6-83gt |
|
| 36 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 37 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 38 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 39 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 40 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 41 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 42 |
| vulnerability |
VCID-umd1-pmr4-4bgs |
|
| 43 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 44 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 45 |
| vulnerability |
VCID-y4g2-328f-qbge |
|
| 46 |
| vulnerability |
VCID-yc6t-am1p-x3ev |
|
| 47 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 48 |
| vulnerability |
VCID-ytd5-2swj-wkh1 |
|
| 49 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 50 |
| vulnerability |
VCID-ztjp-76rp-hfhk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.3 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.0-rc2 |
| purl |
pkg:composer/moodle/moodle@4.3.0-rc2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 5 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 6 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 7 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 8 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 9 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 10 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 11 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 12 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 13 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 14 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 15 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 16 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 17 |
| vulnerability |
VCID-dp61-6ban-cyda |
|
| 18 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 19 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 20 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 21 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 22 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 23 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 24 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 25 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 26 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 27 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 28 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 29 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 30 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 31 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 32 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 33 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 34 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 35 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 36 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 37 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 38 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 39 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 40 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 41 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 42 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 43 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 44 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 45 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 46 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.0-rc2 |
|
|
| aliases |
CVE-2023-5540, GHSA-w8x2-w4qr-v3x4
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7rqc-eepq-43ds |
|
| 16 |
| url |
VCID-7trf-g8dq-tua1 |
| vulnerability_id |
VCID-7trf-g8dq-tua1 |
| summary |
Moodle has a time restriction bypass
An issue in Moodle's timed assignment feature allowed students to bypass the time restriction, potentially giving them more time than allowed to complete an assessment. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-62401, GHSA-w29j-8phw-ffjf
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7trf-g8dq-tua1 |
|
| 17 |
| url |
VCID-7x6e-qege-ufdv |
| vulnerability_id |
VCID-7x6e-qege-ufdv |
| summary |
Moodle Exposure of Sensitive Information to an Unauthorized Actor vulnerability
Separate Groups mode restrictions were not honoured in the forum summary report, which would display users from other groups. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://bugzilla.redhat.com/show_bug.cgi?id=2243453 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
3.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
3.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N |
|
| 2 |
| value |
LOW |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-04T13:23:28Z/ |
|
|
| url |
https://bugzilla.redhat.com/show_bug.cgi?id=2243453 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
| reference_url |
https://moodle.org/mod/forum/discuss.php?d=451592 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
3.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
3.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N |
|
| 2 |
| value |
LOW |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-04T13:23:28Z/ |
|
|
| url |
https://moodle.org/mod/forum/discuss.php?d=451592 |
|
| 8 |
|
| 9 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@4.2.3 |
| purl |
pkg:composer/moodle/moodle@4.2.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 1 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 2 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 3 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 4 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 5 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 6 |
| vulnerability |
VCID-5ba5-pee7-6kh1 |
|
| 7 |
| vulnerability |
VCID-5s33-v19s-sqd6 |
|
| 8 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 9 |
| vulnerability |
VCID-6726-ca8y-4uez |
|
| 10 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 11 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 12 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 13 |
| vulnerability |
VCID-893t-9cja-43g2 |
|
| 14 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 15 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 16 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 17 |
| vulnerability |
VCID-b3vw-8hzh-dybx |
|
| 18 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 19 |
| vulnerability |
VCID-dp61-6ban-cyda |
|
| 20 |
| vulnerability |
VCID-evef-t6cx-vqcc |
|
| 21 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 22 |
| vulnerability |
VCID-gycn-bey2-4yam |
|
| 23 |
| vulnerability |
VCID-hmuw-bjax-37bz |
|
| 24 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 25 |
| vulnerability |
VCID-jkyc-esnt-p3ay |
|
| 26 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 27 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 28 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 29 |
| vulnerability |
VCID-mhh7-n7ut-hkh6 |
|
| 30 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 31 |
| vulnerability |
VCID-ms4e-v5zc-9kgc |
|
| 32 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 33 |
| vulnerability |
VCID-qabh-bpmn-1ye5 |
|
| 34 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 35 |
| vulnerability |
VCID-r1ug-e8x6-83gt |
|
| 36 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 37 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 38 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 39 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 40 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 41 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 42 |
| vulnerability |
VCID-umd1-pmr4-4bgs |
|
| 43 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 44 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 45 |
| vulnerability |
VCID-y4g2-328f-qbge |
|
| 46 |
| vulnerability |
VCID-yc6t-am1p-x3ev |
|
| 47 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 48 |
| vulnerability |
VCID-ytd5-2swj-wkh1 |
|
| 49 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 50 |
| vulnerability |
VCID-ztjp-76rp-hfhk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.3 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.0-rc2 |
| purl |
pkg:composer/moodle/moodle@4.3.0-rc2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 5 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 6 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 7 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 8 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 9 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 10 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 11 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 12 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 13 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 14 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 15 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 16 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 17 |
| vulnerability |
VCID-dp61-6ban-cyda |
|
| 18 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 19 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 20 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 21 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 22 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 23 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 24 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 25 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 26 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 27 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 28 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 29 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 30 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 31 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 32 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 33 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 34 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 35 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 36 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 37 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 38 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 39 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 40 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 41 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 42 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 43 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 44 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 45 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 46 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.0-rc2 |
|
|
| aliases |
CVE-2023-5551, GHSA-jr83-8x65-xcr5
|
| risk_score |
1.5 |
| exploitability |
0.5 |
| weighted_severity |
3.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7x6e-qege-ufdv |
|
| 18 |
| url |
VCID-893t-9cja-43g2 |
| vulnerability_id |
VCID-893t-9cja-43g2 |
| summary |
Moodle Unsanitized HTML in site log for config_log_created
The site log report required additional encoding of event descriptions to ensure any HTML in the content is displayed in plaintext instead of being rendered. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@4.2.7 |
| purl |
pkg:composer/moodle/moodle@4.2.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 1 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 2 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 3 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 4 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 5 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 6 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 7 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 8 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 9 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 10 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 11 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 12 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 13 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 14 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 15 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 16 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 17 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 18 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 19 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 20 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 21 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 22 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 23 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 24 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 25 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 26 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 27 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 28 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 29 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 30 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 31 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.7 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.4 |
| purl |
pkg:composer/moodle/moodle@4.3.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 4 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 5 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 6 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 7 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 8 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 9 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 10 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 11 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 12 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 13 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 14 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 15 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 16 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 17 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 18 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 19 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 20 |
| vulnerability |
VCID-cjvx-m4xg-p7hb |
|
| 21 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 22 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 23 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 24 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 25 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 26 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 27 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 28 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 29 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 30 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 31 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 32 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 33 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 34 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 35 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 36 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 37 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 38 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 39 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 40 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 41 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 42 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 43 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 44 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 45 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 46 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 47 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 48 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 49 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 50 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 51 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 52 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 53 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 54 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 55 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.4 |
|
|
| aliases |
CVE-2024-34006, GHSA-vvh5-7v3m-j3mj
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-893t-9cja-43g2 |
|
| 19 |
| url |
VCID-8d9n-ejbb-7fa1 |
| vulnerability_id |
VCID-8d9n-ejbb-7fa1 |
| summary |
Moodle Acceptance of Extraneous Untrusted Data With Trusted Data vulnerability
Stronger revision number limitations were required on file serving endpoints to improve cache poisoning protection. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@4.2.3 |
| purl |
pkg:composer/moodle/moodle@4.2.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 1 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 2 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 3 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 4 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 5 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 6 |
| vulnerability |
VCID-5ba5-pee7-6kh1 |
|
| 7 |
| vulnerability |
VCID-5s33-v19s-sqd6 |
|
| 8 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 9 |
| vulnerability |
VCID-6726-ca8y-4uez |
|
| 10 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 11 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 12 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 13 |
| vulnerability |
VCID-893t-9cja-43g2 |
|
| 14 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 15 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 16 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 17 |
| vulnerability |
VCID-b3vw-8hzh-dybx |
|
| 18 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 19 |
| vulnerability |
VCID-dp61-6ban-cyda |
|
| 20 |
| vulnerability |
VCID-evef-t6cx-vqcc |
|
| 21 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 22 |
| vulnerability |
VCID-gycn-bey2-4yam |
|
| 23 |
| vulnerability |
VCID-hmuw-bjax-37bz |
|
| 24 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 25 |
| vulnerability |
VCID-jkyc-esnt-p3ay |
|
| 26 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 27 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 28 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 29 |
| vulnerability |
VCID-mhh7-n7ut-hkh6 |
|
| 30 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 31 |
| vulnerability |
VCID-ms4e-v5zc-9kgc |
|
| 32 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 33 |
| vulnerability |
VCID-qabh-bpmn-1ye5 |
|
| 34 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 35 |
| vulnerability |
VCID-r1ug-e8x6-83gt |
|
| 36 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 37 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 38 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 39 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 40 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 41 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 42 |
| vulnerability |
VCID-umd1-pmr4-4bgs |
|
| 43 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 44 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 45 |
| vulnerability |
VCID-y4g2-328f-qbge |
|
| 46 |
| vulnerability |
VCID-yc6t-am1p-x3ev |
|
| 47 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 48 |
| vulnerability |
VCID-ytd5-2swj-wkh1 |
|
| 49 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 50 |
| vulnerability |
VCID-ztjp-76rp-hfhk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.3 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.0-rc2 |
| purl |
pkg:composer/moodle/moodle@4.3.0-rc2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 5 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 6 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 7 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 8 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 9 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 10 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 11 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 12 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 13 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 14 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 15 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 16 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 17 |
| vulnerability |
VCID-dp61-6ban-cyda |
|
| 18 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 19 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 20 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 21 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 22 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 23 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 24 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 25 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 26 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 27 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 28 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 29 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 30 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 31 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 32 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 33 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 34 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 35 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 36 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 37 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 38 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 39 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 40 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 41 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 42 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 43 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 44 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 45 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 46 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.0-rc2 |
|
|
| aliases |
CVE-2023-5548, GHSA-cwh2-q44x-5w3c
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8d9n-ejbb-7fa1 |
|
| 20 |
| url |
VCID-9rqr-xzr8-5fgf |
| vulnerability_id |
VCID-9rqr-xzr8-5fgf |
| summary |
Moodle allows users to retrieve information they did not have permission to access
A flaw was found in Moodle. Dynamic tables did not enforce capability checks, which resulted in users having the ability to retrieve information they did not have permission to access. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://bugzilla.redhat.com/show_bug.cgi?id=2309941 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
6.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T19:17:47Z/ |
|
|
| url |
https://bugzilla.redhat.com/show_bug.cgi?id=2309941 |
|
| 2 |
| reference_url |
https://github.com/moodle/moodle |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
6.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/moodle/moodle |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.7 |
| purl |
pkg:composer/moodle/moodle@4.3.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 5 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 6 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 7 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 8 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 9 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 10 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 11 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 12 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 13 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 14 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 15 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 16 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 17 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 18 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 19 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 20 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 21 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 22 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 23 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 24 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 25 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 26 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 27 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 28 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 29 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 30 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 31 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 32 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.7 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@4.4.3 |
| purl |
pkg:composer/moodle/moodle@4.4.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 5 |
| vulnerability |
VCID-44zf-1dw7-qkf5 |
|
| 6 |
| vulnerability |
VCID-4zvp-nmrk-4qbq |
|
| 7 |
| vulnerability |
VCID-5snb-dyv3-efe9 |
|
| 8 |
| vulnerability |
VCID-5xhb-mx3v-fuhs |
|
| 9 |
| vulnerability |
VCID-61ry-zz34-8qhj |
|
| 10 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 11 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 12 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 13 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 14 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 15 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 16 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 17 |
| vulnerability |
VCID-dr5e-6s1a-6uas |
|
| 18 |
| vulnerability |
VCID-f1da-1duc-2uhb |
|
| 19 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 20 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 21 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 22 |
| vulnerability |
VCID-hufb-p6pa-63c9 |
|
| 23 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 24 |
| vulnerability |
VCID-kwhy-pkt9-1kfe |
|
| 25 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 26 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 27 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 28 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 29 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 30 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 31 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 32 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 33 |
| vulnerability |
VCID-wby4-h9ud-1yh5 |
|
| 34 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 35 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 36 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 37 |
| vulnerability |
VCID-yby1-g45r-rugg |
|
| 38 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 39 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 40 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 41 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 42 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.3 |
|
|
| aliases |
CVE-2024-45689, GHSA-j822-x5gg-5r56
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-9rqr-xzr8-5fgf |
|
| 21 |
| url |
VCID-9xk9-qb9x-jfcs |
| vulnerability_id |
VCID-9xk9-qb9x-jfcs |
| summary |
Moodle leaks user names
A vulnerability was found in Moodle. It is possible for users with the "send message" capability to view other users' names that they may not otherwise have access to via an error message in Messaging. Note: The name returned follows the full name format configured on the site. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.8 |
| purl |
pkg:composer/moodle/moodle@4.3.8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 5 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 6 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 7 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 8 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 9 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 10 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 11 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 12 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 13 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 14 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 15 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 16 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 17 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 18 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 19 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 20 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 21 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 22 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 23 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 24 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 25 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 26 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 27 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 28 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.8 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@4.4.4 |
| purl |
pkg:composer/moodle/moodle@4.4.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 5 |
| vulnerability |
VCID-44zf-1dw7-qkf5 |
|
| 6 |
| vulnerability |
VCID-4zvp-nmrk-4qbq |
|
| 7 |
| vulnerability |
VCID-5snb-dyv3-efe9 |
|
| 8 |
| vulnerability |
VCID-5xhb-mx3v-fuhs |
|
| 9 |
| vulnerability |
VCID-61ry-zz34-8qhj |
|
| 10 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 11 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 12 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 13 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 14 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 15 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 16 |
| vulnerability |
VCID-dr5e-6s1a-6uas |
|
| 17 |
| vulnerability |
VCID-f1da-1duc-2uhb |
|
| 18 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 19 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 20 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 21 |
| vulnerability |
VCID-hufb-p6pa-63c9 |
|
| 22 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 23 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 24 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 25 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 26 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 27 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 28 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 29 |
| vulnerability |
VCID-wby4-h9ud-1yh5 |
|
| 30 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 31 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 32 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 33 |
| vulnerability |
VCID-yby1-g45r-rugg |
|
| 34 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 35 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 36 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 37 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.4 |
|
|
| aliases |
CVE-2024-48896, GHSA-cq5f-wv7p-5gfc
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-9xk9-qb9x-jfcs |
|
| 22 |
| url |
VCID-ajrr-8392-kkcw |
| vulnerability_id |
VCID-ajrr-8392-kkcw |
| summary |
Moodle CSRF risks due to misuse of confirm_sesskey
Incorrect CSRF token checks resulted in multiple CSRF risks. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/moodle/moodle |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.4 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/moodle/moodle |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
| reference_url |
https://moodle.org/mod/forum/discuss.php?d=459501 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.4 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N |
|
| 1 |
| value |
8.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
|
| 2 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N |
|
| 3 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 4 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-25T17:33:38Z/ |
|
|
| url |
https://moodle.org/mod/forum/discuss.php?d=459501 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@4.2.8 |
| purl |
pkg:composer/moodle/moodle@4.2.8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 1 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 2 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 3 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 4 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 5 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 6 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 7 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 8 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 9 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 10 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 11 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 12 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 13 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 14 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 15 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 16 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 17 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 18 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 19 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 20 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 21 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 22 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 23 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 24 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 25 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 26 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.8 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.5 |
| purl |
pkg:composer/moodle/moodle@4.3.5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 4 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 5 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 6 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 7 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 8 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 9 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 10 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 11 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 12 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 13 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 14 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 15 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 16 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 17 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 18 |
| vulnerability |
VCID-cjvx-m4xg-p7hb |
|
| 19 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 20 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 21 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 22 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 23 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 24 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 25 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 26 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 27 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 28 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 29 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 30 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 31 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 32 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 33 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 34 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 35 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 36 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 37 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 38 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 39 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 40 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 41 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 42 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 43 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 44 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 45 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 46 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 47 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 48 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 49 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 50 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.5 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@4.4.1 |
| purl |
pkg:composer/moodle/moodle@4.4.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 4 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 5 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 6 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 7 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 8 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 9 |
| vulnerability |
VCID-44zf-1dw7-qkf5 |
|
| 10 |
| vulnerability |
VCID-4zvp-nmrk-4qbq |
|
| 11 |
| vulnerability |
VCID-5snb-dyv3-efe9 |
|
| 12 |
| vulnerability |
VCID-5xhb-mx3v-fuhs |
|
| 13 |
| vulnerability |
VCID-61ry-zz34-8qhj |
|
| 14 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 15 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 16 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 17 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 18 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 19 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 20 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 21 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 22 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 23 |
| vulnerability |
VCID-cjvx-m4xg-p7hb |
|
| 24 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 25 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 26 |
| vulnerability |
VCID-dr5e-6s1a-6uas |
|
| 27 |
| vulnerability |
VCID-edb5-zwa3-mfam |
|
| 28 |
| vulnerability |
VCID-f1da-1duc-2uhb |
|
| 29 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 30 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 31 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 32 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 33 |
| vulnerability |
VCID-hufb-p6pa-63c9 |
|
| 34 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 35 |
| vulnerability |
VCID-jjsw-9p4b-m3e5 |
|
| 36 |
| vulnerability |
VCID-kwhy-pkt9-1kfe |
|
| 37 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 38 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 39 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 40 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 41 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 42 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 43 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 44 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 45 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 46 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 47 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 48 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 49 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 50 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 51 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 52 |
| vulnerability |
VCID-wby4-h9ud-1yh5 |
|
| 53 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 54 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 55 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 56 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 57 |
| vulnerability |
VCID-yby1-g45r-rugg |
|
| 58 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 59 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 60 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 61 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 62 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.1 |
|
|
| aliases |
CVE-2024-38276, GHSA-356g-7x36-7m34
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
7.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ajrr-8392-kkcw |
|
| 23 |
| url |
VCID-b3vw-8hzh-dybx |
| vulnerability_id |
VCID-b3vw-8hzh-dybx |
| summary |
Moodle Authenticated LFI risk in some misconfigured shared hosting environments
In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user with both access to restore database activity modules and direct access to the web server outside of the Moodle webroot could execute a local file include. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/moodle/moodle |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
6.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
|
| 1 |
| value |
7.1 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/moodle/moodle |
|
| 2 |
|
| 3 |
| reference_url |
https://moodle.org/mod/forum/discuss.php?d=458394 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
6.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
|
| 1 |
| value |
7.1 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-03T19:36:05Z/ |
|
|
| url |
https://moodle.org/mod/forum/discuss.php?d=458394 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@4.2.7 |
| purl |
pkg:composer/moodle/moodle@4.2.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 1 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 2 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 3 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 4 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 5 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 6 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 7 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 8 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 9 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 10 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 11 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 12 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 13 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 14 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 15 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 16 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 17 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 18 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 19 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 20 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 21 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 22 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 23 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 24 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 25 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 26 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 27 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 28 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 29 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 30 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 31 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.7 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.4 |
| purl |
pkg:composer/moodle/moodle@4.3.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 4 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 5 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 6 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 7 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 8 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 9 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 10 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 11 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 12 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 13 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 14 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 15 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 16 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 17 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 18 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 19 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 20 |
| vulnerability |
VCID-cjvx-m4xg-p7hb |
|
| 21 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 22 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 23 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 24 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 25 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 26 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 27 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 28 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 29 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 30 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 31 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 32 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 33 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 34 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 35 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 36 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 37 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 38 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 39 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 40 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 41 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 42 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 43 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 44 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 45 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 46 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 47 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 48 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 49 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 50 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 51 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 52 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 53 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 54 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 55 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.4 |
|
|
| aliases |
CVE-2024-34005, GHSA-r99q-hmqv-xw8w
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-b3vw-8hzh-dybx |
|
| 24 |
| url |
VCID-d92c-j4yy-fud3 |
| vulnerability_id |
VCID-d92c-j4yy-fud3 |
| summary |
Moodle authorization headers preserved between "emulated redirects"
A flaw was found in moodle. The cURL wrapper in Moodle strips HTTPAUTH and USERPWD headers during emulated redirects, but retains other original request headers, so HTTP authorization header information could be unintentionally sent in requests to redirect URLs. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://bugzilla.redhat.com/show_bug.cgi?id=2304260 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
2.7 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U |
|
| 2 |
| value |
LOW |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-12T15:06:57Z/ |
|
|
| url |
https://bugzilla.redhat.com/show_bug.cgi?id=2304260 |
|
| 3 |
| reference_url |
https://github.com/moodle/moodle |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
2.7 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U |
|
| 2 |
| value |
LOW |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/moodle/moodle |
|
| 4 |
| reference_url |
https://moodle.org/mod/forum/discuss.php?d=461200 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
2.7 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U |
|
| 2 |
| value |
LOW |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-12T15:06:57Z/ |
|
|
| url |
https://moodle.org/mod/forum/discuss.php?d=461200 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.6 |
| purl |
pkg:composer/moodle/moodle@4.3.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 5 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 6 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 7 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 8 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 9 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 10 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 11 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 12 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 13 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 14 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 15 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 16 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 17 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 18 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 19 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 20 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 21 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 22 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 23 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 24 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 25 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 26 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 27 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 28 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 29 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 30 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 31 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 32 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 33 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 34 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 35 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.6 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@4.4.2 |
| purl |
pkg:composer/moodle/moodle@4.4.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 5 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 6 |
| vulnerability |
VCID-44zf-1dw7-qkf5 |
|
| 7 |
| vulnerability |
VCID-4zvp-nmrk-4qbq |
|
| 8 |
| vulnerability |
VCID-5snb-dyv3-efe9 |
|
| 9 |
| vulnerability |
VCID-5xhb-mx3v-fuhs |
|
| 10 |
| vulnerability |
VCID-61ry-zz34-8qhj |
|
| 11 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 12 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 13 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 14 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 15 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 16 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 17 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 18 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 19 |
| vulnerability |
VCID-dr5e-6s1a-6uas |
|
| 20 |
| vulnerability |
VCID-f1da-1duc-2uhb |
|
| 21 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 22 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 23 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 24 |
| vulnerability |
VCID-hufb-p6pa-63c9 |
|
| 25 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 26 |
| vulnerability |
VCID-jjsw-9p4b-m3e5 |
|
| 27 |
| vulnerability |
VCID-kwhy-pkt9-1kfe |
|
| 28 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 29 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 30 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 31 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 32 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 33 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 34 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 35 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 36 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 37 |
| vulnerability |
VCID-wby4-h9ud-1yh5 |
|
| 38 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 39 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 40 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 41 |
| vulnerability |
VCID-yby1-g45r-rugg |
|
| 42 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 43 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 44 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 45 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 46 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.2 |
|
|
| aliases |
CVE-2024-43432, GHSA-7wmp-2xmx-g6h8
|
| risk_score |
2.4 |
| exploitability |
0.5 |
| weighted_severity |
4.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-d92c-j4yy-fud3 |
|
| 25 |
| url |
VCID-dp61-6ban-cyda |
| vulnerability_id |
VCID-dp61-6ban-cyda |
| summary |
Cross-site Scripting in Moodle Chat
The Chat activity in Moodle 4.3.3 allows students to insert a potentially unwanted HTML A element or IMG element, or HTML content that leads to a performance degradation. NOTE: the vendor's Using_Chat page says "If you know some HTML code, you can use it in your text to do things like insert images, play sounds or create different coloured and sized text." This page also says "Chat is due to be removed from standard Moodle." |
| references |
| 0 |
|
| 1 |
| reference_url |
https://docs.moodle.org/403/en/Using_Chat |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.4 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-25T16:47:10Z/ |
|
|
| url |
https://docs.moodle.org/403/en/Using_Chat |
|
| 2 |
| reference_url |
https://github.com/moodle/moodle |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.4 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/moodle/moodle |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-28593, GHSA-f6mh-79vh-2hv7
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-dp61-6ban-cyda |
|
| 26 |
| url |
VCID-evef-t6cx-vqcc |
| vulnerability_id |
VCID-evef-t6cx-vqcc |
| summary |
Moodle broken access control when setting calendar event type
Incorrect validation of allowed event types in a calendar web service made it possible for some users to create events with types/audiences they did not have permission to publish to. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@4.2.7 |
| purl |
pkg:composer/moodle/moodle@4.2.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 1 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 2 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 3 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 4 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 5 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 6 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 7 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 8 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 9 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 10 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 11 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 12 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 13 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 14 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 15 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 16 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 17 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 18 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 19 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 20 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 21 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 22 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 23 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 24 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 25 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 26 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 27 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 28 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 29 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 30 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 31 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.7 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.4 |
| purl |
pkg:composer/moodle/moodle@4.3.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 4 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 5 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 6 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 7 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 8 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 9 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 10 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 11 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 12 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 13 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 14 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 15 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 16 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 17 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 18 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 19 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 20 |
| vulnerability |
VCID-cjvx-m4xg-p7hb |
|
| 21 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 22 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 23 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 24 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 25 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 26 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 27 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 28 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 29 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 30 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 31 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 32 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 33 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 34 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 35 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 36 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 37 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 38 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 39 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 40 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 41 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 42 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 43 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 44 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 45 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 46 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 47 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 48 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 49 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 50 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 51 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 52 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 53 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 54 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 55 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.4 |
|
|
| aliases |
CVE-2024-33996, GHSA-4qww-rxq6-x7gf
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-evef-t6cx-vqcc |
|
| 27 |
| url |
VCID-g3km-hbas-x3cg |
| vulnerability_id |
VCID-g3km-hbas-x3cg |
| summary |
Moodle has arbitrary file read risk through pdfTeX
A flaw was found in pdfTeX. Insufficient sanitizing in the TeX notation filter resulted in an arbitrary file read risk on sites where pdfTeX is available, such as those with TeX Live installed. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://bugzilla.redhat.com/show_bug.cgi?id=2304254 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
|
| 1 |
| value |
6.6 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-07T14:41:10Z/ |
|
|
| url |
https://bugzilla.redhat.com/show_bug.cgi?id=2304254 |
|
| 2 |
| reference_url |
https://github.com/moodle/moodle |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
|
| 1 |
| value |
6.6 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/moodle/moodle |
|
| 3 |
|
| 4 |
| reference_url |
https://moodle.org/mod/forum/discuss.php?d=461194 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
|
| 1 |
| value |
6.6 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-07T14:41:10Z/ |
|
|
| url |
https://moodle.org/mod/forum/discuss.php?d=461194 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.6 |
| purl |
pkg:composer/moodle/moodle@4.3.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 5 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 6 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 7 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 8 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 9 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 10 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 11 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 12 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 13 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 14 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 15 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 16 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 17 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 18 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 19 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 20 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 21 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 22 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 23 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 24 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 25 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 26 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 27 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 28 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 29 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 30 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 31 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 32 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 33 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 34 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 35 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.6 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@4.4.2 |
| purl |
pkg:composer/moodle/moodle@4.4.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 5 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 6 |
| vulnerability |
VCID-44zf-1dw7-qkf5 |
|
| 7 |
| vulnerability |
VCID-4zvp-nmrk-4qbq |
|
| 8 |
| vulnerability |
VCID-5snb-dyv3-efe9 |
|
| 9 |
| vulnerability |
VCID-5xhb-mx3v-fuhs |
|
| 10 |
| vulnerability |
VCID-61ry-zz34-8qhj |
|
| 11 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 12 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 13 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 14 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 15 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 16 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 17 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 18 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 19 |
| vulnerability |
VCID-dr5e-6s1a-6uas |
|
| 20 |
| vulnerability |
VCID-f1da-1duc-2uhb |
|
| 21 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 22 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 23 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 24 |
| vulnerability |
VCID-hufb-p6pa-63c9 |
|
| 25 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 26 |
| vulnerability |
VCID-jjsw-9p4b-m3e5 |
|
| 27 |
| vulnerability |
VCID-kwhy-pkt9-1kfe |
|
| 28 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 29 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 30 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 31 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 32 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 33 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 34 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 35 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 36 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 37 |
| vulnerability |
VCID-wby4-h9ud-1yh5 |
|
| 38 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 39 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 40 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 41 |
| vulnerability |
VCID-yby1-g45r-rugg |
|
| 42 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 43 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 44 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 45 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 46 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.2 |
|
|
| aliases |
CVE-2024-43426, GHSA-vjmm-r9gg-425m
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-g3km-hbas-x3cg |
|
| 28 |
| url |
VCID-gycn-bey2-4yam |
| vulnerability_id |
VCID-gycn-bey2-4yam |
| summary |
Improper Access Control in moodle
Separate Groups mode restrictions were not honored in the H5P attempts report, which would display users from other groups. By default this only provided additional access to non-editing teachers. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://bugzilla.redhat.com/show_bug.cgi?id=2264096 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:42:10Z/ |
|
|
| url |
https://bugzilla.redhat.com/show_bug.cgi?id=2264096 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
| reference_url |
https://moodle.org/mod/forum/discuss.php?d=455636 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:42:10Z/ |
|
|
| url |
https://moodle.org/mod/forum/discuss.php?d=455636 |
|
| 7 |
|
| 8 |
|
| 9 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@4.2.6 |
| purl |
pkg:composer/moodle/moodle@4.2.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 1 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 2 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 3 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 4 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 5 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 6 |
| vulnerability |
VCID-5ba5-pee7-6kh1 |
|
| 7 |
| vulnerability |
VCID-5s33-v19s-sqd6 |
|
| 8 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 9 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 10 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 11 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 12 |
| vulnerability |
VCID-893t-9cja-43g2 |
|
| 13 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 14 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 15 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 16 |
| vulnerability |
VCID-b3vw-8hzh-dybx |
|
| 17 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 18 |
| vulnerability |
VCID-dp61-6ban-cyda |
|
| 19 |
| vulnerability |
VCID-evef-t6cx-vqcc |
|
| 20 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 21 |
| vulnerability |
VCID-hmuw-bjax-37bz |
|
| 22 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 23 |
| vulnerability |
VCID-jkyc-esnt-p3ay |
|
| 24 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 25 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 26 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 27 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 28 |
| vulnerability |
VCID-ms4e-v5zc-9kgc |
|
| 29 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 30 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 31 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 32 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 33 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 34 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 35 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 36 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 37 |
| vulnerability |
VCID-umd1-pmr4-4bgs |
|
| 38 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 39 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 40 |
| vulnerability |
VCID-y4g2-328f-qbge |
|
| 41 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 42 |
| vulnerability |
VCID-ytd5-2swj-wkh1 |
|
| 43 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.6 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.3 |
| purl |
pkg:composer/moodle/moodle@4.3.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 4 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 5 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 6 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 7 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 8 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 9 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 10 |
| vulnerability |
VCID-5ba5-pee7-6kh1 |
|
| 11 |
| vulnerability |
VCID-5s33-v19s-sqd6 |
|
| 12 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 13 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 14 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 15 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 16 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 17 |
| vulnerability |
VCID-84hx-be7m-pfa1 |
|
| 18 |
| vulnerability |
VCID-893t-9cja-43g2 |
|
| 19 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 20 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 21 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 22 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 23 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 24 |
| vulnerability |
VCID-b3vw-8hzh-dybx |
|
| 25 |
| vulnerability |
VCID-cjvx-m4xg-p7hb |
|
| 26 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 27 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 28 |
| vulnerability |
VCID-dp61-6ban-cyda |
|
| 29 |
| vulnerability |
VCID-evef-t6cx-vqcc |
|
| 30 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 31 |
| vulnerability |
VCID-fz5m-54ja-sbg4 |
|
| 32 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 33 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 34 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 35 |
| vulnerability |
VCID-hmuw-bjax-37bz |
|
| 36 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 37 |
| vulnerability |
VCID-jdpb-f21j-tqa4 |
|
| 38 |
| vulnerability |
VCID-jkyc-esnt-p3ay |
|
| 39 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 40 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 41 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 42 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 43 |
| vulnerability |
VCID-ms4e-v5zc-9kgc |
|
| 44 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 45 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 46 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 47 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 48 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 49 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 50 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 51 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 52 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 53 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 54 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 55 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 56 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 57 |
| vulnerability |
VCID-umd1-pmr4-4bgs |
|
| 58 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 59 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 60 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 61 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 62 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 63 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 64 |
| vulnerability |
VCID-y4g2-328f-qbge |
|
| 65 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 66 |
| vulnerability |
VCID-ytd5-2swj-wkh1 |
|
| 67 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 68 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 69 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 70 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.3 |
|
|
| aliases |
CVE-2024-25980, GHSA-cp8m-h777-g4p3
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-gycn-bey2-4yam |
|
| 29 |
| url |
VCID-hmuw-bjax-37bz |
| vulnerability_id |
VCID-hmuw-bjax-37bz |
| summary |
Moodle Cross-site Scripting (XSS)
Insufficient escaping of participants' names in the participants page table resulted in a stored XSS risk when interacting with some features. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@4.2.7 |
| purl |
pkg:composer/moodle/moodle@4.2.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 1 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 2 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 3 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 4 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 5 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 6 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 7 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 8 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 9 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 10 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 11 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 12 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 13 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 14 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 15 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 16 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 17 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 18 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 19 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 20 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 21 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 22 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 23 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 24 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 25 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 26 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 27 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 28 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 29 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 30 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 31 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.7 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.4 |
| purl |
pkg:composer/moodle/moodle@4.3.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 4 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 5 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 6 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 7 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 8 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 9 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 10 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 11 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 12 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 13 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 14 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 15 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 16 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 17 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 18 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 19 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 20 |
| vulnerability |
VCID-cjvx-m4xg-p7hb |
|
| 21 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 22 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 23 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 24 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 25 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 26 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 27 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 28 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 29 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 30 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 31 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 32 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 33 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 34 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 35 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 36 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 37 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 38 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 39 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 40 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 41 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 42 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 43 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 44 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 45 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 46 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 47 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 48 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 49 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 50 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 51 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 52 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 53 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 54 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 55 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.4 |
|
|
| aliases |
CVE-2024-33998, GHSA-xqhh-253w-4q5f
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-hmuw-bjax-37bz |
|
| 30 |
| url |
VCID-hsk6-h5ky-g3cx |
| vulnerability_id |
VCID-hsk6-h5ky-g3cx |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The course upload preview contained an XSS risk for users uploading unsafe data. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://bugzilla.redhat.com/show_bug.cgi?id=2243447 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
3.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N |
|
| 1 |
| value |
6.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-04T13:25:11Z/ |
|
|
| url |
https://bugzilla.redhat.com/show_bug.cgi?id=2243447 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
| reference_url |
https://moodle.org/mod/forum/discuss.php?d=451588 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
3.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N |
|
| 1 |
| value |
6.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-04T13:25:11Z/ |
|
|
| url |
https://moodle.org/mod/forum/discuss.php?d=451588 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@4.2.3 |
| purl |
pkg:composer/moodle/moodle@4.2.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 1 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 2 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 3 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 4 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 5 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 6 |
| vulnerability |
VCID-5ba5-pee7-6kh1 |
|
| 7 |
| vulnerability |
VCID-5s33-v19s-sqd6 |
|
| 8 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 9 |
| vulnerability |
VCID-6726-ca8y-4uez |
|
| 10 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 11 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 12 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 13 |
| vulnerability |
VCID-893t-9cja-43g2 |
|
| 14 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 15 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 16 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 17 |
| vulnerability |
VCID-b3vw-8hzh-dybx |
|
| 18 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 19 |
| vulnerability |
VCID-dp61-6ban-cyda |
|
| 20 |
| vulnerability |
VCID-evef-t6cx-vqcc |
|
| 21 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 22 |
| vulnerability |
VCID-gycn-bey2-4yam |
|
| 23 |
| vulnerability |
VCID-hmuw-bjax-37bz |
|
| 24 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 25 |
| vulnerability |
VCID-jkyc-esnt-p3ay |
|
| 26 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 27 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 28 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 29 |
| vulnerability |
VCID-mhh7-n7ut-hkh6 |
|
| 30 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 31 |
| vulnerability |
VCID-ms4e-v5zc-9kgc |
|
| 32 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 33 |
| vulnerability |
VCID-qabh-bpmn-1ye5 |
|
| 34 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 35 |
| vulnerability |
VCID-r1ug-e8x6-83gt |
|
| 36 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 37 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 38 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 39 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 40 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 41 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 42 |
| vulnerability |
VCID-umd1-pmr4-4bgs |
|
| 43 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 44 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 45 |
| vulnerability |
VCID-y4g2-328f-qbge |
|
| 46 |
| vulnerability |
VCID-yc6t-am1p-x3ev |
|
| 47 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 48 |
| vulnerability |
VCID-ytd5-2swj-wkh1 |
|
| 49 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 50 |
| vulnerability |
VCID-ztjp-76rp-hfhk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.3 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.0-rc2 |
| purl |
pkg:composer/moodle/moodle@4.3.0-rc2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 5 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 6 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 7 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 8 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 9 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 10 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 11 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 12 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 13 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 14 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 15 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 16 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 17 |
| vulnerability |
VCID-dp61-6ban-cyda |
|
| 18 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 19 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 20 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 21 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 22 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 23 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 24 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 25 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 26 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 27 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 28 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 29 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 30 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 31 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 32 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 33 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 34 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 35 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 36 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 37 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 38 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 39 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 40 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 41 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 42 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 43 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 44 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 45 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 46 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.0-rc2 |
|
|
| aliases |
CVE-2023-5547, GHSA-9gqp-3g28-w9xc
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-hsk6-h5ky-g3cx |
|
| 31 |
| url |
VCID-j3ts-5ghc-4qct |
| vulnerability_id |
VCID-j3ts-5ghc-4qct |
| summary |
Moodle has a Remote Code Execution risk via file restore
A flaw was identified in Moodle’s backup restore functionality where specially crafted backup files were not properly validated during processing. If a malicious backup file is restored, it could lead to unintended execution of server-side code. Since restore capabilities are typically available to privileged users, exploitation requires authenticated access. Successful exploitation could result in full compromise of the Moodle server. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2026-26045, GHSA-ggxq-2mg9-8966
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-j3ts-5ghc-4qct |
|
| 32 |
| url |
VCID-jfsu-ya7r-h3e1 |
| vulnerability_id |
VCID-jfsu-ya7r-h3e1 |
| summary |
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
A remote code execution risk was identified in the Lesson activity. By default this was only available to teachers and managers. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@4.2.3 |
| purl |
pkg:composer/moodle/moodle@4.2.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 1 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 2 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 3 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 4 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 5 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 6 |
| vulnerability |
VCID-5ba5-pee7-6kh1 |
|
| 7 |
| vulnerability |
VCID-5s33-v19s-sqd6 |
|
| 8 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 9 |
| vulnerability |
VCID-6726-ca8y-4uez |
|
| 10 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 11 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 12 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 13 |
| vulnerability |
VCID-893t-9cja-43g2 |
|
| 14 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 15 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 16 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 17 |
| vulnerability |
VCID-b3vw-8hzh-dybx |
|
| 18 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 19 |
| vulnerability |
VCID-dp61-6ban-cyda |
|
| 20 |
| vulnerability |
VCID-evef-t6cx-vqcc |
|
| 21 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 22 |
| vulnerability |
VCID-gycn-bey2-4yam |
|
| 23 |
| vulnerability |
VCID-hmuw-bjax-37bz |
|
| 24 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 25 |
| vulnerability |
VCID-jkyc-esnt-p3ay |
|
| 26 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 27 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 28 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 29 |
| vulnerability |
VCID-mhh7-n7ut-hkh6 |
|
| 30 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 31 |
| vulnerability |
VCID-ms4e-v5zc-9kgc |
|
| 32 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 33 |
| vulnerability |
VCID-qabh-bpmn-1ye5 |
|
| 34 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 35 |
| vulnerability |
VCID-r1ug-e8x6-83gt |
|
| 36 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 37 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 38 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 39 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 40 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 41 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 42 |
| vulnerability |
VCID-umd1-pmr4-4bgs |
|
| 43 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 44 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 45 |
| vulnerability |
VCID-y4g2-328f-qbge |
|
| 46 |
| vulnerability |
VCID-yc6t-am1p-x3ev |
|
| 47 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 48 |
| vulnerability |
VCID-ytd5-2swj-wkh1 |
|
| 49 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 50 |
| vulnerability |
VCID-ztjp-76rp-hfhk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.3 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.0-rc2 |
| purl |
pkg:composer/moodle/moodle@4.3.0-rc2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 5 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 6 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 7 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 8 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 9 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 10 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 11 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 12 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 13 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 14 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 15 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 16 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 17 |
| vulnerability |
VCID-dp61-6ban-cyda |
|
| 18 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 19 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 20 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 21 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 22 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 23 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 24 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 25 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 26 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 27 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 28 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 29 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 30 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 31 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 32 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 33 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 34 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 35 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 36 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 37 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 38 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 39 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 40 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 41 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 42 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 43 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 44 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 45 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 46 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.0-rc2 |
|
|
| aliases |
CVE-2023-5539, GHSA-3xxm-3g3c-w579
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-jfsu-ya7r-h3e1 |
|
| 33 |
| url |
VCID-jkyc-esnt-p3ay |
| vulnerability_id |
VCID-jkyc-esnt-p3ay |
| summary |
Moodle CSRF risk in analytics management of models
Actions in the admin management of analytics models did not include the necessary token to prevent a CSRF risk. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
https://moodle.org/mod/forum/discuss.php?d=458397 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
3.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N |
|
| 1 |
| value |
8.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-05T19:22:27Z/ |
|
|
| url |
https://moodle.org/mod/forum/discuss.php?d=458397 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@4.2.7 |
| purl |
pkg:composer/moodle/moodle@4.2.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 1 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 2 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 3 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 4 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 5 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 6 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 7 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 8 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 9 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 10 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 11 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 12 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 13 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 14 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 15 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 16 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 17 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 18 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 19 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 20 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 21 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 22 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 23 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 24 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 25 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 26 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 27 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 28 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 29 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 30 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 31 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.7 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.4 |
| purl |
pkg:composer/moodle/moodle@4.3.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 4 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 5 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 6 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 7 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 8 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 9 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 10 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 11 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 12 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 13 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 14 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 15 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 16 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 17 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 18 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 19 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 20 |
| vulnerability |
VCID-cjvx-m4xg-p7hb |
|
| 21 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 22 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 23 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 24 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 25 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 26 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 27 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 28 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 29 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 30 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 31 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 32 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 33 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 34 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 35 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 36 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 37 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 38 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 39 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 40 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 41 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 42 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 43 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 44 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 45 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 46 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 47 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 48 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 49 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 50 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 51 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 52 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 53 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 54 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 55 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.4 |
|
|
| aliases |
CVE-2024-34008, GHSA-68x5-4jg5-gjgg
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-jkyc-esnt-p3ay |
|
| 34 |
| url |
VCID-m2a7-q28u-1yfw |
| vulnerability_id |
VCID-m2a7-q28u-1yfw |
| summary |
Moodle vulnerable to brute-force password guesses
Moodle's mobile and web service authentication endpoints did not sufficiently restrict repeated password attempts, making them susceptible to brute-force attacks. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-62399, GHSA-m58f-9pvv-8mp2
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-m2a7-q28u-1yfw |
|
| 35 |
| url |
VCID-m3jj-r66a-d7cv |
| vulnerability_id |
VCID-m3jj-r66a-d7cv |
| summary |
Moodle vulnerable to cache poisoning via injection into storage
To address a cache poisoning risk in Moodle, additional validation for local storage was required. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://bugzilla.redhat.com/show_bug.cgi?id=2304256 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.7 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
|
| 1 |
| value |
6.0 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-07T14:41:01Z/ |
|
|
| url |
https://bugzilla.redhat.com/show_bug.cgi?id=2304256 |
|
| 3 |
| reference_url |
https://github.com/moodle/moodle |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.7 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
|
| 1 |
| value |
6.0 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/moodle/moodle |
|
| 4 |
| reference_url |
https://moodle.org/mod/forum/discuss.php?d=461196 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.7 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
|
| 1 |
| value |
6.0 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-07T14:41:01Z/ |
|
|
| url |
https://moodle.org/mod/forum/discuss.php?d=461196 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.6 |
| purl |
pkg:composer/moodle/moodle@4.3.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 5 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 6 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 7 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 8 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 9 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 10 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 11 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 12 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 13 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 14 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 15 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 16 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 17 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 18 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 19 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 20 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 21 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 22 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 23 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 24 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 25 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 26 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 27 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 28 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 29 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 30 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 31 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 32 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 33 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 34 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 35 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.6 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@4.4.2 |
| purl |
pkg:composer/moodle/moodle@4.4.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 5 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 6 |
| vulnerability |
VCID-44zf-1dw7-qkf5 |
|
| 7 |
| vulnerability |
VCID-4zvp-nmrk-4qbq |
|
| 8 |
| vulnerability |
VCID-5snb-dyv3-efe9 |
|
| 9 |
| vulnerability |
VCID-5xhb-mx3v-fuhs |
|
| 10 |
| vulnerability |
VCID-61ry-zz34-8qhj |
|
| 11 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 12 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 13 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 14 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 15 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 16 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 17 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 18 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 19 |
| vulnerability |
VCID-dr5e-6s1a-6uas |
|
| 20 |
| vulnerability |
VCID-f1da-1duc-2uhb |
|
| 21 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 22 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 23 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 24 |
| vulnerability |
VCID-hufb-p6pa-63c9 |
|
| 25 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 26 |
| vulnerability |
VCID-jjsw-9p4b-m3e5 |
|
| 27 |
| vulnerability |
VCID-kwhy-pkt9-1kfe |
|
| 28 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 29 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 30 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 31 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 32 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 33 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 34 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 35 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 36 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 37 |
| vulnerability |
VCID-wby4-h9ud-1yh5 |
|
| 38 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 39 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 40 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 41 |
| vulnerability |
VCID-yby1-g45r-rugg |
|
| 42 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 43 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 44 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 45 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 46 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.2 |
|
|
| aliases |
CVE-2024-43428, GHSA-2r9m-wg35-rfvc
|
| risk_score |
3.5 |
| exploitability |
0.5 |
| weighted_severity |
6.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-m3jj-r66a-d7cv |
|
| 36 |
| url |
VCID-m9tk-fa8m-zbah |
| vulnerability_id |
VCID-m9tk-fa8m-zbah |
| summary |
Moodle LFI vulnerability when restoring malformed block backups
A flaw was found in moodle. A local file may include risks when restoring block backups. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://bugzilla.redhat.com/show_bug.cgi?id=2304269 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
|
| 1 |
| value |
6.6 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-07T14:23:21Z/ |
|
|
| url |
https://bugzilla.redhat.com/show_bug.cgi?id=2304269 |
|
| 2 |
| reference_url |
https://github.com/moodle/moodle |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
|
| 1 |
| value |
6.6 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/moodle/moodle |
|
| 3 |
| reference_url |
https://moodle.org/mod/forum/discuss.php?d=461210 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
|
| 1 |
| value |
6.6 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-07T14:23:21Z/ |
|
|
| url |
https://moodle.org/mod/forum/discuss.php?d=461210 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.6 |
| purl |
pkg:composer/moodle/moodle@4.3.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 5 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 6 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 7 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 8 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 9 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 10 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 11 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 12 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 13 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 14 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 15 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 16 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 17 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 18 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 19 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 20 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 21 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 22 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 23 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 24 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 25 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 26 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 27 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 28 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 29 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 30 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 31 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 32 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 33 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 34 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 35 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.6 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@4.4.2 |
| purl |
pkg:composer/moodle/moodle@4.4.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 5 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 6 |
| vulnerability |
VCID-44zf-1dw7-qkf5 |
|
| 7 |
| vulnerability |
VCID-4zvp-nmrk-4qbq |
|
| 8 |
| vulnerability |
VCID-5snb-dyv3-efe9 |
|
| 9 |
| vulnerability |
VCID-5xhb-mx3v-fuhs |
|
| 10 |
| vulnerability |
VCID-61ry-zz34-8qhj |
|
| 11 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 12 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 13 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 14 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 15 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 16 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 17 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 18 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 19 |
| vulnerability |
VCID-dr5e-6s1a-6uas |
|
| 20 |
| vulnerability |
VCID-f1da-1duc-2uhb |
|
| 21 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 22 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 23 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 24 |
| vulnerability |
VCID-hufb-p6pa-63c9 |
|
| 25 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 26 |
| vulnerability |
VCID-jjsw-9p4b-m3e5 |
|
| 27 |
| vulnerability |
VCID-kwhy-pkt9-1kfe |
|
| 28 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 29 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 30 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 31 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 32 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 33 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 34 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 35 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 36 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 37 |
| vulnerability |
VCID-wby4-h9ud-1yh5 |
|
| 38 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 39 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 40 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 41 |
| vulnerability |
VCID-yby1-g45r-rugg |
|
| 42 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 43 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 44 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 45 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 46 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.2 |
|
|
| aliases |
CVE-2024-43440, GHSA-qrqv-26gf-xgwh
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-m9tk-fa8m-zbah |
|
| 37 |
| url |
VCID-mhh7-n7ut-hkh6 |
| vulnerability_id |
VCID-mhh7-n7ut-hkh6 |
| summary |
Improper Handling of Parameters in moodle
The URL parameters accepted by forum search were not limited to the allowed parameters. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://bugzilla.redhat.com/show_bug.cgi?id=2264095 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-21T17:42:19Z/ |
|
|
| url |
https://bugzilla.redhat.com/show_bug.cgi?id=2264095 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
| reference_url |
https://moodle.org/mod/forum/discuss.php?d=455635 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-21T17:42:19Z/ |
|
|
| url |
https://moodle.org/mod/forum/discuss.php?d=455635 |
|
| 7 |
|
| 8 |
|
| 9 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@4.2.6 |
| purl |
pkg:composer/moodle/moodle@4.2.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 1 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 2 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 3 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 4 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 5 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 6 |
| vulnerability |
VCID-5ba5-pee7-6kh1 |
|
| 7 |
| vulnerability |
VCID-5s33-v19s-sqd6 |
|
| 8 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 9 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 10 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 11 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 12 |
| vulnerability |
VCID-893t-9cja-43g2 |
|
| 13 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 14 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 15 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 16 |
| vulnerability |
VCID-b3vw-8hzh-dybx |
|
| 17 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 18 |
| vulnerability |
VCID-dp61-6ban-cyda |
|
| 19 |
| vulnerability |
VCID-evef-t6cx-vqcc |
|
| 20 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 21 |
| vulnerability |
VCID-hmuw-bjax-37bz |
|
| 22 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 23 |
| vulnerability |
VCID-jkyc-esnt-p3ay |
|
| 24 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 25 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 26 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 27 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 28 |
| vulnerability |
VCID-ms4e-v5zc-9kgc |
|
| 29 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 30 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 31 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 32 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 33 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 34 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 35 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 36 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 37 |
| vulnerability |
VCID-umd1-pmr4-4bgs |
|
| 38 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 39 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 40 |
| vulnerability |
VCID-y4g2-328f-qbge |
|
| 41 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 42 |
| vulnerability |
VCID-ytd5-2swj-wkh1 |
|
| 43 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.6 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.3 |
| purl |
pkg:composer/moodle/moodle@4.3.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 4 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 5 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 6 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 7 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 8 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 9 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 10 |
| vulnerability |
VCID-5ba5-pee7-6kh1 |
|
| 11 |
| vulnerability |
VCID-5s33-v19s-sqd6 |
|
| 12 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 13 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 14 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 15 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 16 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 17 |
| vulnerability |
VCID-84hx-be7m-pfa1 |
|
| 18 |
| vulnerability |
VCID-893t-9cja-43g2 |
|
| 19 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 20 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 21 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 22 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 23 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 24 |
| vulnerability |
VCID-b3vw-8hzh-dybx |
|
| 25 |
| vulnerability |
VCID-cjvx-m4xg-p7hb |
|
| 26 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 27 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 28 |
| vulnerability |
VCID-dp61-6ban-cyda |
|
| 29 |
| vulnerability |
VCID-evef-t6cx-vqcc |
|
| 30 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 31 |
| vulnerability |
VCID-fz5m-54ja-sbg4 |
|
| 32 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 33 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 34 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 35 |
| vulnerability |
VCID-hmuw-bjax-37bz |
|
| 36 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 37 |
| vulnerability |
VCID-jdpb-f21j-tqa4 |
|
| 38 |
| vulnerability |
VCID-jkyc-esnt-p3ay |
|
| 39 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 40 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 41 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 42 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 43 |
| vulnerability |
VCID-ms4e-v5zc-9kgc |
|
| 44 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 45 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 46 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 47 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 48 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 49 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 50 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 51 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 52 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 53 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 54 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 55 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 56 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 57 |
| vulnerability |
VCID-umd1-pmr4-4bgs |
|
| 58 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 59 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 60 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 61 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 62 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 63 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 64 |
| vulnerability |
VCID-y4g2-328f-qbge |
|
| 65 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 66 |
| vulnerability |
VCID-ytd5-2swj-wkh1 |
|
| 67 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 68 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 69 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 70 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.3 |
|
|
| aliases |
CVE-2024-25979, GHSA-6vjf-48fh-vxxj
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mhh7-n7ut-hkh6 |
|
| 38 |
| url |
VCID-mnx8-118d-efcr |
| vulnerability_id |
VCID-mnx8-118d-efcr |
| summary |
moodle: IDOR in edit/delete RSS feed
A vulnerability was found in Moodle. Additional checks are required to ensure users can only edit or delete RSS feeds that they have permission to modify. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://bugzilla.redhat.com/show_bug.cgi?id=2318821 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
6.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N |
|
| 1 |
| value |
6.9 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-19T14:51:39Z/ |
|
|
| url |
https://bugzilla.redhat.com/show_bug.cgi?id=2318821 |
|
| 2 |
| reference_url |
https://github.com/moodle/moodle |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
6.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N |
|
| 1 |
| value |
6.9 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/moodle/moodle |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.8 |
| purl |
pkg:composer/moodle/moodle@4.3.8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 5 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 6 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 7 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 8 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 9 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 10 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 11 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 12 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 13 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 14 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 15 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 16 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 17 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 18 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 19 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 20 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 21 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 22 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 23 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 24 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 25 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 26 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 27 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 28 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.8 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@4.4.4 |
| purl |
pkg:composer/moodle/moodle@4.4.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 5 |
| vulnerability |
VCID-44zf-1dw7-qkf5 |
|
| 6 |
| vulnerability |
VCID-4zvp-nmrk-4qbq |
|
| 7 |
| vulnerability |
VCID-5snb-dyv3-efe9 |
|
| 8 |
| vulnerability |
VCID-5xhb-mx3v-fuhs |
|
| 9 |
| vulnerability |
VCID-61ry-zz34-8qhj |
|
| 10 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 11 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 12 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 13 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 14 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 15 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 16 |
| vulnerability |
VCID-dr5e-6s1a-6uas |
|
| 17 |
| vulnerability |
VCID-f1da-1duc-2uhb |
|
| 18 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 19 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 20 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 21 |
| vulnerability |
VCID-hufb-p6pa-63c9 |
|
| 22 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 23 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 24 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 25 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 26 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 27 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 28 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 29 |
| vulnerability |
VCID-wby4-h9ud-1yh5 |
|
| 30 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 31 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 32 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 33 |
| vulnerability |
VCID-yby1-g45r-rugg |
|
| 34 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 35 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 36 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 37 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.4 |
|
|
| aliases |
CVE-2024-48897, GHSA-x3x9-349x-2485
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mnx8-118d-efcr |
|
| 39 |
| url |
VCID-ms4e-v5zc-9kgc |
| vulnerability_id |
VCID-ms4e-v5zc-9kgc |
| summary |
Moodle Authenticated LFI risk in some misconfigured shared hosting environments
In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user with both access to restore feedback modules and direct access to the web server outside of the Moodle webroot could execute a local file include. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://github.com/moodle/moodle |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
6.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
|
| 1 |
| value |
7.1 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/moodle/moodle |
|
| 3 |
| reference_url |
https://moodle.org/mod/forum/discuss.php?d=458390 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
6.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
|
| 1 |
| value |
7.1 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-12T17:56:11Z/ |
|
|
| url |
https://moodle.org/mod/forum/discuss.php?d=458390 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@4.2.7 |
| purl |
pkg:composer/moodle/moodle@4.2.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 1 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 2 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 3 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 4 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 5 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 6 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 7 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 8 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 9 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 10 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 11 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 12 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 13 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 14 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 15 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 16 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 17 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 18 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 19 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 20 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 21 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 22 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 23 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 24 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 25 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 26 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 27 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 28 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 29 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 30 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 31 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.7 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.4 |
| purl |
pkg:composer/moodle/moodle@4.3.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 4 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 5 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 6 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 7 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 8 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 9 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 10 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 11 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 12 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 13 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 14 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 15 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 16 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 17 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 18 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 19 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 20 |
| vulnerability |
VCID-cjvx-m4xg-p7hb |
|
| 21 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 22 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 23 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 24 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 25 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 26 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 27 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 28 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 29 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 30 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 31 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 32 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 33 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 34 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 35 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 36 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 37 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 38 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 39 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 40 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 41 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 42 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 43 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 44 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 45 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 46 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 47 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 48 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 49 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 50 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 51 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 52 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 53 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 54 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 55 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.4 |
|
|
| aliases |
CVE-2024-34002, GHSA-mm9p-xwfm-3fqf
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ms4e-v5zc-9kgc |
|
| 40 |
| url |
VCID-ngar-aydn-eye4 |
| vulnerability_id |
VCID-ngar-aydn-eye4 |
| summary |
Improper Authorization
When duplicating a BigBlueButton activity, the original meeting ID was also duplicated instead of using a new ID for the new activity. This could provide unintended access to the original meeting. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@4.2.3 |
| purl |
pkg:composer/moodle/moodle@4.2.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 1 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 2 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 3 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 4 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 5 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 6 |
| vulnerability |
VCID-5ba5-pee7-6kh1 |
|
| 7 |
| vulnerability |
VCID-5s33-v19s-sqd6 |
|
| 8 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 9 |
| vulnerability |
VCID-6726-ca8y-4uez |
|
| 10 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 11 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 12 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 13 |
| vulnerability |
VCID-893t-9cja-43g2 |
|
| 14 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 15 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 16 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 17 |
| vulnerability |
VCID-b3vw-8hzh-dybx |
|
| 18 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 19 |
| vulnerability |
VCID-dp61-6ban-cyda |
|
| 20 |
| vulnerability |
VCID-evef-t6cx-vqcc |
|
| 21 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 22 |
| vulnerability |
VCID-gycn-bey2-4yam |
|
| 23 |
| vulnerability |
VCID-hmuw-bjax-37bz |
|
| 24 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 25 |
| vulnerability |
VCID-jkyc-esnt-p3ay |
|
| 26 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 27 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 28 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 29 |
| vulnerability |
VCID-mhh7-n7ut-hkh6 |
|
| 30 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 31 |
| vulnerability |
VCID-ms4e-v5zc-9kgc |
|
| 32 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 33 |
| vulnerability |
VCID-qabh-bpmn-1ye5 |
|
| 34 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 35 |
| vulnerability |
VCID-r1ug-e8x6-83gt |
|
| 36 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 37 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 38 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 39 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 40 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 41 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 42 |
| vulnerability |
VCID-umd1-pmr4-4bgs |
|
| 43 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 44 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 45 |
| vulnerability |
VCID-y4g2-328f-qbge |
|
| 46 |
| vulnerability |
VCID-yc6t-am1p-x3ev |
|
| 47 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 48 |
| vulnerability |
VCID-ytd5-2swj-wkh1 |
|
| 49 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 50 |
| vulnerability |
VCID-ztjp-76rp-hfhk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.3 |
|
|
| aliases |
CVE-2023-5543
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ngar-aydn-eye4 |
|
| 41 |
| url |
VCID-pged-191y-quhm |
| vulnerability_id |
VCID-pged-191y-quhm |
| summary |
Moodle stored XSS via calendar's event title when deleting the event
Insufficient escaping of calendar event titles resulted in a stored XSS risk in the event deletion prompt. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/moodle/moodle |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
6.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
|
| 1 |
| value |
5.1 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/moodle/moodle |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
https://moodle.org/mod/forum/discuss.php?d=459499 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
6.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
|
| 1 |
| value |
5.1 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-15T18:37:02Z/ |
|
|
| url |
https://moodle.org/mod/forum/discuss.php?d=459499 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@4.2.8 |
| purl |
pkg:composer/moodle/moodle@4.2.8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 1 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 2 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 3 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 4 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 5 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 6 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 7 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 8 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 9 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 10 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 11 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 12 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 13 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 14 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 15 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 16 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 17 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 18 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 19 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 20 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 21 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 22 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 23 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 24 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 25 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 26 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.8 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.5 |
| purl |
pkg:composer/moodle/moodle@4.3.5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 4 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 5 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 6 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 7 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 8 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 9 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 10 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 11 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 12 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 13 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 14 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 15 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 16 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 17 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 18 |
| vulnerability |
VCID-cjvx-m4xg-p7hb |
|
| 19 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 20 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 21 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 22 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 23 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 24 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 25 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 26 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 27 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 28 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 29 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 30 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 31 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 32 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 33 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 34 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 35 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 36 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 37 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 38 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 39 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 40 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 41 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 42 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 43 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 44 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 45 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 46 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 47 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 48 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 49 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 50 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.5 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@4.4.1 |
| purl |
pkg:composer/moodle/moodle@4.4.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 4 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 5 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 6 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 7 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 8 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 9 |
| vulnerability |
VCID-44zf-1dw7-qkf5 |
|
| 10 |
| vulnerability |
VCID-4zvp-nmrk-4qbq |
|
| 11 |
| vulnerability |
VCID-5snb-dyv3-efe9 |
|
| 12 |
| vulnerability |
VCID-5xhb-mx3v-fuhs |
|
| 13 |
| vulnerability |
VCID-61ry-zz34-8qhj |
|
| 14 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 15 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 16 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 17 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 18 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 19 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 20 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 21 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 22 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 23 |
| vulnerability |
VCID-cjvx-m4xg-p7hb |
|
| 24 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 25 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 26 |
| vulnerability |
VCID-dr5e-6s1a-6uas |
|
| 27 |
| vulnerability |
VCID-edb5-zwa3-mfam |
|
| 28 |
| vulnerability |
VCID-f1da-1duc-2uhb |
|
| 29 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 30 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 31 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 32 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 33 |
| vulnerability |
VCID-hufb-p6pa-63c9 |
|
| 34 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 35 |
| vulnerability |
VCID-jjsw-9p4b-m3e5 |
|
| 36 |
| vulnerability |
VCID-kwhy-pkt9-1kfe |
|
| 37 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 38 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 39 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 40 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 41 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 42 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 43 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 44 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 45 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 46 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 47 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 48 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 49 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 50 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 51 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 52 |
| vulnerability |
VCID-wby4-h9ud-1yh5 |
|
| 53 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 54 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 55 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 56 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 57 |
| vulnerability |
VCID-yby1-g45r-rugg |
|
| 58 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 59 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 60 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 61 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 62 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.1 |
|
|
| aliases |
CVE-2024-38274, GHSA-p5cg-6rfr-6mx8
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-pged-191y-quhm |
|
| 42 |
| url |
VCID-qabh-bpmn-1ye5 |
| vulnerability_id |
VCID-qabh-bpmn-1ye5 |
| summary |
Cross-Site Request Forgery in moodle
The link to update all installed language packs did not include the necessary token to prevent a CSRF risk. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://bugzilla.redhat.com/show_bug.cgi?id=2264098 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
8.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:39:38Z/ |
|
|
| url |
https://bugzilla.redhat.com/show_bug.cgi?id=2264098 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
| reference_url |
https://moodle.org/mod/forum/discuss.php?d=455638 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
8.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:39:38Z/ |
|
|
| url |
https://moodle.org/mod/forum/discuss.php?d=455638 |
|
| 7 |
|
| 8 |
|
| 9 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@4.2.6 |
| purl |
pkg:composer/moodle/moodle@4.2.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 1 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 2 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 3 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 4 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 5 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 6 |
| vulnerability |
VCID-5ba5-pee7-6kh1 |
|
| 7 |
| vulnerability |
VCID-5s33-v19s-sqd6 |
|
| 8 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 9 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 10 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 11 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 12 |
| vulnerability |
VCID-893t-9cja-43g2 |
|
| 13 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 14 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 15 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 16 |
| vulnerability |
VCID-b3vw-8hzh-dybx |
|
| 17 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 18 |
| vulnerability |
VCID-dp61-6ban-cyda |
|
| 19 |
| vulnerability |
VCID-evef-t6cx-vqcc |
|
| 20 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 21 |
| vulnerability |
VCID-hmuw-bjax-37bz |
|
| 22 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 23 |
| vulnerability |
VCID-jkyc-esnt-p3ay |
|
| 24 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 25 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 26 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 27 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 28 |
| vulnerability |
VCID-ms4e-v5zc-9kgc |
|
| 29 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 30 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 31 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 32 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 33 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 34 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 35 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 36 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 37 |
| vulnerability |
VCID-umd1-pmr4-4bgs |
|
| 38 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 39 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 40 |
| vulnerability |
VCID-y4g2-328f-qbge |
|
| 41 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 42 |
| vulnerability |
VCID-ytd5-2swj-wkh1 |
|
| 43 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.6 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.3 |
| purl |
pkg:composer/moodle/moodle@4.3.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 4 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 5 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 6 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 7 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 8 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 9 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 10 |
| vulnerability |
VCID-5ba5-pee7-6kh1 |
|
| 11 |
| vulnerability |
VCID-5s33-v19s-sqd6 |
|
| 12 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 13 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 14 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 15 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 16 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 17 |
| vulnerability |
VCID-84hx-be7m-pfa1 |
|
| 18 |
| vulnerability |
VCID-893t-9cja-43g2 |
|
| 19 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 20 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 21 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 22 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 23 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 24 |
| vulnerability |
VCID-b3vw-8hzh-dybx |
|
| 25 |
| vulnerability |
VCID-cjvx-m4xg-p7hb |
|
| 26 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 27 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 28 |
| vulnerability |
VCID-dp61-6ban-cyda |
|
| 29 |
| vulnerability |
VCID-evef-t6cx-vqcc |
|
| 30 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 31 |
| vulnerability |
VCID-fz5m-54ja-sbg4 |
|
| 32 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 33 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 34 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 35 |
| vulnerability |
VCID-hmuw-bjax-37bz |
|
| 36 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 37 |
| vulnerability |
VCID-jdpb-f21j-tqa4 |
|
| 38 |
| vulnerability |
VCID-jkyc-esnt-p3ay |
|
| 39 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 40 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 41 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 42 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 43 |
| vulnerability |
VCID-ms4e-v5zc-9kgc |
|
| 44 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 45 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 46 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 47 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 48 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 49 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 50 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 51 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 52 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 53 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 54 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 55 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 56 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 57 |
| vulnerability |
VCID-umd1-pmr4-4bgs |
|
| 58 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 59 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 60 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 61 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 62 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 63 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 64 |
| vulnerability |
VCID-y4g2-328f-qbge |
|
| 65 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 66 |
| vulnerability |
VCID-ytd5-2swj-wkh1 |
|
| 67 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 68 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 69 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 70 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.3 |
|
|
| aliases |
CVE-2024-25982, GHSA-7pjp-fm93-p6pj
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qabh-bpmn-1ye5 |
|
| 43 |
| url |
VCID-qruy-fs4p-43h1 |
| vulnerability_id |
VCID-qruy-fs4p-43h1 |
| summary |
Moodle has CSRF risk in Feedback non-respondents report
The bulk message sending feature in Moodle's Feedback module's non-respondents report had an incorrect CSRF token check, leading to a CSRF vulnerability. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://bugzilla.redhat.com/show_bug.cgi?id=2304262 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
8.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N |
|
| 1 |
| value |
8.0 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-07T14:40:44Z/ |
|
|
| url |
https://bugzilla.redhat.com/show_bug.cgi?id=2304262 |
|
| 2 |
| reference_url |
https://github.com/moodle/moodle |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
8.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N |
|
| 1 |
| value |
8.0 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/moodle/moodle |
|
| 3 |
| reference_url |
https://moodle.org/mod/forum/discuss.php?d=461203 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
8.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N |
|
| 1 |
| value |
8.0 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-07T14:40:44Z/ |
|
|
| url |
https://moodle.org/mod/forum/discuss.php?d=461203 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.6 |
| purl |
pkg:composer/moodle/moodle@4.3.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 5 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 6 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 7 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 8 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 9 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 10 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 11 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 12 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 13 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 14 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 15 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 16 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 17 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 18 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 19 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 20 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 21 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 22 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 23 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 24 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 25 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 26 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 27 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 28 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 29 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 30 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 31 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 32 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 33 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 34 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 35 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.6 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@4.4.2 |
| purl |
pkg:composer/moodle/moodle@4.4.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 5 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 6 |
| vulnerability |
VCID-44zf-1dw7-qkf5 |
|
| 7 |
| vulnerability |
VCID-4zvp-nmrk-4qbq |
|
| 8 |
| vulnerability |
VCID-5snb-dyv3-efe9 |
|
| 9 |
| vulnerability |
VCID-5xhb-mx3v-fuhs |
|
| 10 |
| vulnerability |
VCID-61ry-zz34-8qhj |
|
| 11 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 12 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 13 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 14 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 15 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 16 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 17 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 18 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 19 |
| vulnerability |
VCID-dr5e-6s1a-6uas |
|
| 20 |
| vulnerability |
VCID-f1da-1duc-2uhb |
|
| 21 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 22 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 23 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 24 |
| vulnerability |
VCID-hufb-p6pa-63c9 |
|
| 25 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 26 |
| vulnerability |
VCID-jjsw-9p4b-m3e5 |
|
| 27 |
| vulnerability |
VCID-kwhy-pkt9-1kfe |
|
| 28 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 29 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 30 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 31 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 32 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 33 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 34 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 35 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 36 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 37 |
| vulnerability |
VCID-wby4-h9ud-1yh5 |
|
| 38 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 39 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 40 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 41 |
| vulnerability |
VCID-yby1-g45r-rugg |
|
| 42 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 43 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 44 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 45 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 46 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.2 |
|
|
| aliases |
CVE-2024-43434, GHSA-x87r-37q5-mmr8
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qruy-fs4p-43h1 |
|
| 44 |
| url |
VCID-r1ug-e8x6-83gt |
| vulnerability_id |
VCID-r1ug-e8x6-83gt |
| summary |
Uncontrolled Resource Consumption
Insufficient file size checks resulted in a denial of service risk in the file picker's unzip functionality. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@4.2.6 |
| purl |
pkg:composer/moodle/moodle@4.2.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 1 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 2 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 3 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 4 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 5 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 6 |
| vulnerability |
VCID-5ba5-pee7-6kh1 |
|
| 7 |
| vulnerability |
VCID-5s33-v19s-sqd6 |
|
| 8 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 9 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 10 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 11 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 12 |
| vulnerability |
VCID-893t-9cja-43g2 |
|
| 13 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 14 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 15 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 16 |
| vulnerability |
VCID-b3vw-8hzh-dybx |
|
| 17 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 18 |
| vulnerability |
VCID-dp61-6ban-cyda |
|
| 19 |
| vulnerability |
VCID-evef-t6cx-vqcc |
|
| 20 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 21 |
| vulnerability |
VCID-hmuw-bjax-37bz |
|
| 22 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 23 |
| vulnerability |
VCID-jkyc-esnt-p3ay |
|
| 24 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 25 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 26 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 27 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 28 |
| vulnerability |
VCID-ms4e-v5zc-9kgc |
|
| 29 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 30 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 31 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 32 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 33 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 34 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 35 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 36 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 37 |
| vulnerability |
VCID-umd1-pmr4-4bgs |
|
| 38 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 39 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 40 |
| vulnerability |
VCID-y4g2-328f-qbge |
|
| 41 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 42 |
| vulnerability |
VCID-ytd5-2swj-wkh1 |
|
| 43 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.6 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.3 |
| purl |
pkg:composer/moodle/moodle@4.3.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 4 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 5 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 6 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 7 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 8 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 9 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 10 |
| vulnerability |
VCID-5ba5-pee7-6kh1 |
|
| 11 |
| vulnerability |
VCID-5s33-v19s-sqd6 |
|
| 12 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 13 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 14 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 15 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 16 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 17 |
| vulnerability |
VCID-84hx-be7m-pfa1 |
|
| 18 |
| vulnerability |
VCID-893t-9cja-43g2 |
|
| 19 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 20 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 21 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 22 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 23 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 24 |
| vulnerability |
VCID-b3vw-8hzh-dybx |
|
| 25 |
| vulnerability |
VCID-cjvx-m4xg-p7hb |
|
| 26 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 27 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 28 |
| vulnerability |
VCID-dp61-6ban-cyda |
|
| 29 |
| vulnerability |
VCID-evef-t6cx-vqcc |
|
| 30 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 31 |
| vulnerability |
VCID-fz5m-54ja-sbg4 |
|
| 32 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 33 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 34 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 35 |
| vulnerability |
VCID-hmuw-bjax-37bz |
|
| 36 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 37 |
| vulnerability |
VCID-jdpb-f21j-tqa4 |
|
| 38 |
| vulnerability |
VCID-jkyc-esnt-p3ay |
|
| 39 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 40 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 41 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 42 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 43 |
| vulnerability |
VCID-ms4e-v5zc-9kgc |
|
| 44 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 45 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 46 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 47 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 48 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 49 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 50 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 51 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 52 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 53 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 54 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 55 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 56 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 57 |
| vulnerability |
VCID-umd1-pmr4-4bgs |
|
| 58 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 59 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 60 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 61 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 62 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 63 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 64 |
| vulnerability |
VCID-y4g2-328f-qbge |
|
| 65 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 66 |
| vulnerability |
VCID-ytd5-2swj-wkh1 |
|
| 67 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 68 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 69 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 70 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.3 |
|
|
| aliases |
CVE-2024-25978, GHSA-487g-3m3v-hjhq
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-r1ug-e8x6-83gt |
|
| 45 |
| url |
VCID-r4m3-9prr-dkby |
| vulnerability_id |
VCID-r4m3-9prr-dkby |
| summary |
Moodle's IDOR in Feedback non-respondents report allows messaging arbitrary site users
A flaw was found in Feedback. Bulk messaging in the activity's non-respondents report did not verify message recipients belonging to the set of users returned by the report. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://bugzilla.redhat.com/show_bug.cgi?id=2304267 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
|
| 1 |
| value |
6.6 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-07T14:40:31Z/ |
|
|
| url |
https://bugzilla.redhat.com/show_bug.cgi?id=2304267 |
|
| 2 |
| reference_url |
https://github.com/moodle/moodle |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
|
| 1 |
| value |
6.6 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/moodle/moodle |
|
| 3 |
| reference_url |
https://moodle.org/mod/forum/discuss.php?d=461208 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
|
| 1 |
| value |
6.6 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-07T14:40:31Z/ |
|
|
| url |
https://moodle.org/mod/forum/discuss.php?d=461208 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.6 |
| purl |
pkg:composer/moodle/moodle@4.3.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 5 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 6 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 7 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 8 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 9 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 10 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 11 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 12 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 13 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 14 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 15 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 16 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 17 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 18 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 19 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 20 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 21 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 22 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 23 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 24 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 25 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 26 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 27 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 28 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 29 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 30 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 31 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 32 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 33 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 34 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 35 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.6 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@4.4.2 |
| purl |
pkg:composer/moodle/moodle@4.4.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 5 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 6 |
| vulnerability |
VCID-44zf-1dw7-qkf5 |
|
| 7 |
| vulnerability |
VCID-4zvp-nmrk-4qbq |
|
| 8 |
| vulnerability |
VCID-5snb-dyv3-efe9 |
|
| 9 |
| vulnerability |
VCID-5xhb-mx3v-fuhs |
|
| 10 |
| vulnerability |
VCID-61ry-zz34-8qhj |
|
| 11 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 12 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 13 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 14 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 15 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 16 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 17 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 18 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 19 |
| vulnerability |
VCID-dr5e-6s1a-6uas |
|
| 20 |
| vulnerability |
VCID-f1da-1duc-2uhb |
|
| 21 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 22 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 23 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 24 |
| vulnerability |
VCID-hufb-p6pa-63c9 |
|
| 25 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 26 |
| vulnerability |
VCID-jjsw-9p4b-m3e5 |
|
| 27 |
| vulnerability |
VCID-kwhy-pkt9-1kfe |
|
| 28 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 29 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 30 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 31 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 32 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 33 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 34 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 35 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 36 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 37 |
| vulnerability |
VCID-wby4-h9ud-1yh5 |
|
| 38 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 39 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 40 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 41 |
| vulnerability |
VCID-yby1-g45r-rugg |
|
| 42 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 43 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 44 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 45 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 46 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.2 |
|
|
| aliases |
CVE-2024-43438, GHSA-p9cx-f595-h79h
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-r4m3-9prr-dkby |
|
| 46 |
| url |
VCID-r5w9-cbyk-hqc6 |
| vulnerability_id |
VCID-r5w9-cbyk-hqc6 |
| summary |
Moodle's IDOR in badges allows deletion of arbitrary badges
A vulnerability was found in Moodle. Insufficient capability checks made it possible to delete badges that a user does not have permission to access. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://bugzilla.redhat.com/show_bug.cgi?id=2304259 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
|
| 1 |
| value |
6.6 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-07T14:40:53Z/ |
|
|
| url |
https://bugzilla.redhat.com/show_bug.cgi?id=2304259 |
|
| 2 |
| reference_url |
https://github.com/moodle/moodle |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
|
| 1 |
| value |
6.6 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/moodle/moodle |
|
| 3 |
| reference_url |
https://moodle.org/mod/forum/discuss.php?d=461199 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
|
| 1 |
| value |
6.6 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-07T14:40:53Z/ |
|
|
| url |
https://moodle.org/mod/forum/discuss.php?d=461199 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.6 |
| purl |
pkg:composer/moodle/moodle@4.3.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 5 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 6 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 7 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 8 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 9 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 10 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 11 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 12 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 13 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 14 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 15 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 16 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 17 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 18 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 19 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 20 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 21 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 22 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 23 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 24 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 25 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 26 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 27 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 28 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 29 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 30 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 31 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 32 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 33 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 34 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 35 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.6 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@4.4.2 |
| purl |
pkg:composer/moodle/moodle@4.4.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 5 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 6 |
| vulnerability |
VCID-44zf-1dw7-qkf5 |
|
| 7 |
| vulnerability |
VCID-4zvp-nmrk-4qbq |
|
| 8 |
| vulnerability |
VCID-5snb-dyv3-efe9 |
|
| 9 |
| vulnerability |
VCID-5xhb-mx3v-fuhs |
|
| 10 |
| vulnerability |
VCID-61ry-zz34-8qhj |
|
| 11 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 12 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 13 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 14 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 15 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 16 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 17 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 18 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 19 |
| vulnerability |
VCID-dr5e-6s1a-6uas |
|
| 20 |
| vulnerability |
VCID-f1da-1duc-2uhb |
|
| 21 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 22 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 23 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 24 |
| vulnerability |
VCID-hufb-p6pa-63c9 |
|
| 25 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 26 |
| vulnerability |
VCID-jjsw-9p4b-m3e5 |
|
| 27 |
| vulnerability |
VCID-kwhy-pkt9-1kfe |
|
| 28 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 29 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 30 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 31 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 32 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 33 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 34 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 35 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 36 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 37 |
| vulnerability |
VCID-wby4-h9ud-1yh5 |
|
| 38 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 39 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 40 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 41 |
| vulnerability |
VCID-yby1-g45r-rugg |
|
| 42 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 43 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 44 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 45 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 46 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.2 |
|
|
| aliases |
CVE-2024-43431, GHSA-wwjf-gwrv-wh45
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-r5w9-cbyk-hqc6 |
|
| 47 |
| url |
VCID-rm2q-xde7-a3ej |
| vulnerability_id |
VCID-rm2q-xde7-a3ej |
| summary |
Moodle uses the same key for QR login and auto-login
A unique key should be generated for a user's QR login key and their auto-login key, so the same key cannot be used interchangeably between the two. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/moodle/moodle |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
6.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N |
|
| 1 |
| value |
6.9 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/moodle/moodle |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
| reference_url |
https://moodle.org/mod/forum/discuss.php?d=459502 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.4 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N |
|
| 1 |
| value |
6.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N |
|
| 2 |
| value |
6.9 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N |
|
| 3 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 4 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-21T15:55:16Z/ |
|
|
| url |
https://moodle.org/mod/forum/discuss.php?d=459502 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@4.2.8 |
| purl |
pkg:composer/moodle/moodle@4.2.8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 1 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 2 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 3 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 4 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 5 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 6 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 7 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 8 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 9 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 10 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 11 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 12 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 13 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 14 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 15 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 16 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 17 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 18 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 19 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 20 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 21 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 22 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 23 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 24 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 25 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 26 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.8 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.5 |
| purl |
pkg:composer/moodle/moodle@4.3.5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 4 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 5 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 6 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 7 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 8 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 9 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 10 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 11 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 12 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 13 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 14 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 15 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 16 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 17 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 18 |
| vulnerability |
VCID-cjvx-m4xg-p7hb |
|
| 19 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 20 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 21 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 22 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 23 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 24 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 25 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 26 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 27 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 28 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 29 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 30 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 31 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 32 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 33 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 34 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 35 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 36 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 37 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 38 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 39 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 40 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 41 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 42 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 43 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 44 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 45 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 46 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 47 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 48 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 49 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 50 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.5 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@4.4.1 |
| purl |
pkg:composer/moodle/moodle@4.4.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 4 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 5 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 6 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 7 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 8 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 9 |
| vulnerability |
VCID-44zf-1dw7-qkf5 |
|
| 10 |
| vulnerability |
VCID-4zvp-nmrk-4qbq |
|
| 11 |
| vulnerability |
VCID-5snb-dyv3-efe9 |
|
| 12 |
| vulnerability |
VCID-5xhb-mx3v-fuhs |
|
| 13 |
| vulnerability |
VCID-61ry-zz34-8qhj |
|
| 14 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 15 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 16 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 17 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 18 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 19 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 20 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 21 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 22 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 23 |
| vulnerability |
VCID-cjvx-m4xg-p7hb |
|
| 24 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 25 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 26 |
| vulnerability |
VCID-dr5e-6s1a-6uas |
|
| 27 |
| vulnerability |
VCID-edb5-zwa3-mfam |
|
| 28 |
| vulnerability |
VCID-f1da-1duc-2uhb |
|
| 29 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 30 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 31 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 32 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 33 |
| vulnerability |
VCID-hufb-p6pa-63c9 |
|
| 34 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 35 |
| vulnerability |
VCID-jjsw-9p4b-m3e5 |
|
| 36 |
| vulnerability |
VCID-kwhy-pkt9-1kfe |
|
| 37 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 38 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 39 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 40 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 41 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 42 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 43 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 44 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 45 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 46 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 47 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 48 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 49 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 50 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 51 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 52 |
| vulnerability |
VCID-wby4-h9ud-1yh5 |
|
| 53 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 54 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 55 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 56 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 57 |
| vulnerability |
VCID-yby1-g45r-rugg |
|
| 58 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 59 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 60 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 61 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 62 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.1 |
|
|
| aliases |
CVE-2024-38277, GHSA-r82w-3phg-qvr4
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-rm2q-xde7-a3ej |
|
| 48 |
| url |
VCID-s7pu-hgz5-zfbq |
| vulnerability_id |
VCID-s7pu-hgz5-zfbq |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The CSV grade import method contained an XSS risk for users importing the spreadsheet, if it contained unsafe content. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://bugzilla.redhat.com/show_bug.cgi?id=2243437 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
3.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N |
|
| 1 |
| value |
6.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T20:18:35Z/ |
|
|
| url |
https://bugzilla.redhat.com/show_bug.cgi?id=2243437 |
|
| 3 |
|
| 4 |
|
| 5 |
| reference_url |
https://moodle.org/mod/forum/discuss.php?d=451582 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
3.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N |
|
| 1 |
| value |
6.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T20:18:35Z/ |
|
|
| url |
https://moodle.org/mod/forum/discuss.php?d=451582 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@4.2.3 |
| purl |
pkg:composer/moodle/moodle@4.2.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 1 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 2 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 3 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 4 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 5 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 6 |
| vulnerability |
VCID-5ba5-pee7-6kh1 |
|
| 7 |
| vulnerability |
VCID-5s33-v19s-sqd6 |
|
| 8 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 9 |
| vulnerability |
VCID-6726-ca8y-4uez |
|
| 10 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 11 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 12 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 13 |
| vulnerability |
VCID-893t-9cja-43g2 |
|
| 14 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 15 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 16 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 17 |
| vulnerability |
VCID-b3vw-8hzh-dybx |
|
| 18 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 19 |
| vulnerability |
VCID-dp61-6ban-cyda |
|
| 20 |
| vulnerability |
VCID-evef-t6cx-vqcc |
|
| 21 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 22 |
| vulnerability |
VCID-gycn-bey2-4yam |
|
| 23 |
| vulnerability |
VCID-hmuw-bjax-37bz |
|
| 24 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 25 |
| vulnerability |
VCID-jkyc-esnt-p3ay |
|
| 26 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 27 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 28 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 29 |
| vulnerability |
VCID-mhh7-n7ut-hkh6 |
|
| 30 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 31 |
| vulnerability |
VCID-ms4e-v5zc-9kgc |
|
| 32 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 33 |
| vulnerability |
VCID-qabh-bpmn-1ye5 |
|
| 34 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 35 |
| vulnerability |
VCID-r1ug-e8x6-83gt |
|
| 36 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 37 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 38 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 39 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 40 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 41 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 42 |
| vulnerability |
VCID-umd1-pmr4-4bgs |
|
| 43 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 44 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 45 |
| vulnerability |
VCID-y4g2-328f-qbge |
|
| 46 |
| vulnerability |
VCID-yc6t-am1p-x3ev |
|
| 47 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 48 |
| vulnerability |
VCID-ytd5-2swj-wkh1 |
|
| 49 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 50 |
| vulnerability |
VCID-ztjp-76rp-hfhk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.3 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.0-rc2 |
| purl |
pkg:composer/moodle/moodle@4.3.0-rc2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 5 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 6 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 7 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 8 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 9 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 10 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 11 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 12 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 13 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 14 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 15 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 16 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 17 |
| vulnerability |
VCID-dp61-6ban-cyda |
|
| 18 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 19 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 20 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 21 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 22 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 23 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 24 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 25 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 26 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 27 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 28 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 29 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 30 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 31 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 32 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 33 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 34 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 35 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 36 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 37 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 38 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 39 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 40 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 41 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 42 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 43 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 44 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 45 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 46 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.0-rc2 |
|
|
| aliases |
CVE-2023-5541, GHSA-28gc-4qq5-8q26
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-s7pu-hgz5-zfbq |
|
| 49 |
| url |
VCID-sdxf-f1b3-t3cc |
| vulnerability_id |
VCID-sdxf-f1b3-t3cc |
| summary |
Moodle vulnerable to site administration SQL injection via XMLDB editor
A SQL injection risk flaw was found in the XMLDB editor tool available to site administrators. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://bugzilla.redhat.com/show_bug.cgi?id=2304264 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.2 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
6.1 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-07T14:40:37Z/ |
|
|
| url |
https://bugzilla.redhat.com/show_bug.cgi?id=2304264 |
|
| 2 |
| reference_url |
https://github.com/moodle/moodle |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.2 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
6.1 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/moodle/moodle |
|
| 3 |
| reference_url |
https://moodle.org/mod/forum/discuss.php?d=461206 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.2 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
6.1 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-07T14:40:37Z/ |
|
|
| url |
https://moodle.org/mod/forum/discuss.php?d=461206 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.6 |
| purl |
pkg:composer/moodle/moodle@4.3.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 5 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 6 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 7 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 8 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 9 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 10 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 11 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 12 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 13 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 14 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 15 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 16 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 17 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 18 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 19 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 20 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 21 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 22 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 23 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 24 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 25 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 26 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 27 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 28 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 29 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 30 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 31 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 32 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 33 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 34 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 35 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.6 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@4.4.2 |
| purl |
pkg:composer/moodle/moodle@4.4.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 5 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 6 |
| vulnerability |
VCID-44zf-1dw7-qkf5 |
|
| 7 |
| vulnerability |
VCID-4zvp-nmrk-4qbq |
|
| 8 |
| vulnerability |
VCID-5snb-dyv3-efe9 |
|
| 9 |
| vulnerability |
VCID-5xhb-mx3v-fuhs |
|
| 10 |
| vulnerability |
VCID-61ry-zz34-8qhj |
|
| 11 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 12 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 13 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 14 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 15 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 16 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 17 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 18 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 19 |
| vulnerability |
VCID-dr5e-6s1a-6uas |
|
| 20 |
| vulnerability |
VCID-f1da-1duc-2uhb |
|
| 21 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 22 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 23 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 24 |
| vulnerability |
VCID-hufb-p6pa-63c9 |
|
| 25 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 26 |
| vulnerability |
VCID-jjsw-9p4b-m3e5 |
|
| 27 |
| vulnerability |
VCID-kwhy-pkt9-1kfe |
|
| 28 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 29 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 30 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 31 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 32 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 33 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 34 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 35 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 36 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 37 |
| vulnerability |
VCID-wby4-h9ud-1yh5 |
|
| 38 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 39 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 40 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 41 |
| vulnerability |
VCID-yby1-g45r-rugg |
|
| 42 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 43 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 44 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 45 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 46 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.2 |
|
|
| aliases |
CVE-2024-43436, GHSA-mx26-62xm-2p83
|
| risk_score |
3.2 |
| exploitability |
0.5 |
| weighted_severity |
6.5 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-sdxf-f1b3-t3cc |
|
| 50 |
| url |
VCID-t8vm-tfnq-5kak |
| vulnerability_id |
VCID-t8vm-tfnq-5kak |
| summary |
moodle: IDOR when fetching report schedules
A vulnerability was found in Moodle. Additional checks are required to ensure users can only access the schedule of a report if they have permission to edit that report. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.8 |
| purl |
pkg:composer/moodle/moodle@4.3.8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 5 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 6 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 7 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 8 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 9 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 10 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 11 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 12 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 13 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 14 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 15 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 16 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 17 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 18 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 19 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 20 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 21 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 22 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 23 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 24 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 25 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 26 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 27 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 28 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.8 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@4.4.4 |
| purl |
pkg:composer/moodle/moodle@4.4.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 5 |
| vulnerability |
VCID-44zf-1dw7-qkf5 |
|
| 6 |
| vulnerability |
VCID-4zvp-nmrk-4qbq |
|
| 7 |
| vulnerability |
VCID-5snb-dyv3-efe9 |
|
| 8 |
| vulnerability |
VCID-5xhb-mx3v-fuhs |
|
| 9 |
| vulnerability |
VCID-61ry-zz34-8qhj |
|
| 10 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 11 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 12 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 13 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 14 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 15 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 16 |
| vulnerability |
VCID-dr5e-6s1a-6uas |
|
| 17 |
| vulnerability |
VCID-f1da-1duc-2uhb |
|
| 18 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 19 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 20 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 21 |
| vulnerability |
VCID-hufb-p6pa-63c9 |
|
| 22 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 23 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 24 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 25 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 26 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 27 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 28 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 29 |
| vulnerability |
VCID-wby4-h9ud-1yh5 |
|
| 30 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 31 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 32 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 33 |
| vulnerability |
VCID-yby1-g45r-rugg |
|
| 34 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 35 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 36 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 37 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.4 |
|
|
| aliases |
CVE-2024-48901, GHSA-mg54-p2wj-5ph7
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-t8vm-tfnq-5kak |
|
| 51 |
| url |
VCID-tgs8-3n7x-cyc1 |
| vulnerability_id |
VCID-tgs8-3n7x-cyc1 |
| summary |
Moodle HTTP authorization header is preserved between "emulated redirects"
The cURL wrapper in Moodle retained the original request headers when following redirects, so HTTP authorization header information could be unintentionally sent in requests to redirect URLs. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/moodle/moodle |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/moodle/moodle |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
| reference_url |
https://moodle.org/mod/forum/discuss.php?d=459500 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-02T13:36:09Z/ |
|
|
| url |
https://moodle.org/mod/forum/discuss.php?d=459500 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@4.2.8 |
| purl |
pkg:composer/moodle/moodle@4.2.8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 1 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 2 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 3 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 4 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 5 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 6 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 7 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 8 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 9 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 10 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 11 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 12 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 13 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 14 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 15 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 16 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 17 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 18 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 19 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 20 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 21 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 22 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 23 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 24 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 25 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 26 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.8 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.5 |
| purl |
pkg:composer/moodle/moodle@4.3.5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 4 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 5 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 6 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 7 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 8 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 9 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 10 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 11 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 12 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 13 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 14 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 15 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 16 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 17 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 18 |
| vulnerability |
VCID-cjvx-m4xg-p7hb |
|
| 19 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 20 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 21 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 22 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 23 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 24 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 25 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 26 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 27 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 28 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 29 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 30 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 31 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 32 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 33 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 34 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 35 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 36 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 37 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 38 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 39 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 40 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 41 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 42 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 43 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 44 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 45 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 46 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 47 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 48 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 49 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 50 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.5 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@4.4.1 |
| purl |
pkg:composer/moodle/moodle@4.4.1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 4 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 5 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 6 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 7 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 8 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 9 |
| vulnerability |
VCID-44zf-1dw7-qkf5 |
|
| 10 |
| vulnerability |
VCID-4zvp-nmrk-4qbq |
|
| 11 |
| vulnerability |
VCID-5snb-dyv3-efe9 |
|
| 12 |
| vulnerability |
VCID-5xhb-mx3v-fuhs |
|
| 13 |
| vulnerability |
VCID-61ry-zz34-8qhj |
|
| 14 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 15 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 16 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 17 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 18 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 19 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 20 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 21 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 22 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 23 |
| vulnerability |
VCID-cjvx-m4xg-p7hb |
|
| 24 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 25 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 26 |
| vulnerability |
VCID-dr5e-6s1a-6uas |
|
| 27 |
| vulnerability |
VCID-edb5-zwa3-mfam |
|
| 28 |
| vulnerability |
VCID-f1da-1duc-2uhb |
|
| 29 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 30 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 31 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 32 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 33 |
| vulnerability |
VCID-hufb-p6pa-63c9 |
|
| 34 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 35 |
| vulnerability |
VCID-jjsw-9p4b-m3e5 |
|
| 36 |
| vulnerability |
VCID-kwhy-pkt9-1kfe |
|
| 37 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 38 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 39 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 40 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 41 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 42 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 43 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 44 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 45 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 46 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 47 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 48 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 49 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 50 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 51 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 52 |
| vulnerability |
VCID-wby4-h9ud-1yh5 |
|
| 53 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 54 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 55 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 56 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 57 |
| vulnerability |
VCID-yby1-g45r-rugg |
|
| 58 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 59 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 60 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 61 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 62 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.1 |
|
|
| aliases |
CVE-2024-38275, GHSA-p2cj-86v4-7782
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-tgs8-3n7x-cyc1 |
|
| 52 |
| url |
VCID-umd1-pmr4-4bgs |
| vulnerability_id |
VCID-umd1-pmr4-4bgs |
| summary |
Moodle CSRF risk in admin preset tool management of presets
Actions in the admin preset tool did not include the necessary token to prevent a CSRF risk. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@4.2.7 |
| purl |
pkg:composer/moodle/moodle@4.2.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 1 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 2 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 3 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 4 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 5 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 6 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 7 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 8 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 9 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 10 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 11 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 12 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 13 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 14 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 15 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 16 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 17 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 18 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 19 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 20 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 21 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 22 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 23 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 24 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 25 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 26 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 27 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 28 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 29 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 30 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 31 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.7 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.4 |
| purl |
pkg:composer/moodle/moodle@4.3.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 4 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 5 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 6 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 7 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 8 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 9 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 10 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 11 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 12 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 13 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 14 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 15 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 16 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 17 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 18 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 19 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 20 |
| vulnerability |
VCID-cjvx-m4xg-p7hb |
|
| 21 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 22 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 23 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 24 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 25 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 26 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 27 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 28 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 29 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 30 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 31 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 32 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 33 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 34 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 35 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 36 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 37 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 38 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 39 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 40 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 41 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 42 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 43 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 44 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 45 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 46 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 47 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 48 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 49 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 50 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 51 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 52 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 53 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 54 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 55 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.4 |
|
|
| aliases |
CVE-2024-34001, GHSA-gq9f-8rj4-w7jc
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-umd1-pmr4-4bgs |
|
| 53 |
| url |
VCID-utsj-g57g-cbeb |
| vulnerability_id |
VCID-utsj-g57g-cbeb |
| summary |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Wiki comments required additional sanitizing and access restrictions to prevent a stored XSS risk and potential IDOR risk. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@4.2.3 |
| purl |
pkg:composer/moodle/moodle@4.2.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 1 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 2 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 3 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 4 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 5 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 6 |
| vulnerability |
VCID-5ba5-pee7-6kh1 |
|
| 7 |
| vulnerability |
VCID-5s33-v19s-sqd6 |
|
| 8 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 9 |
| vulnerability |
VCID-6726-ca8y-4uez |
|
| 10 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 11 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 12 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 13 |
| vulnerability |
VCID-893t-9cja-43g2 |
|
| 14 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 15 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 16 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 17 |
| vulnerability |
VCID-b3vw-8hzh-dybx |
|
| 18 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 19 |
| vulnerability |
VCID-dp61-6ban-cyda |
|
| 20 |
| vulnerability |
VCID-evef-t6cx-vqcc |
|
| 21 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 22 |
| vulnerability |
VCID-gycn-bey2-4yam |
|
| 23 |
| vulnerability |
VCID-hmuw-bjax-37bz |
|
| 24 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 25 |
| vulnerability |
VCID-jkyc-esnt-p3ay |
|
| 26 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 27 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 28 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 29 |
| vulnerability |
VCID-mhh7-n7ut-hkh6 |
|
| 30 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 31 |
| vulnerability |
VCID-ms4e-v5zc-9kgc |
|
| 32 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 33 |
| vulnerability |
VCID-qabh-bpmn-1ye5 |
|
| 34 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 35 |
| vulnerability |
VCID-r1ug-e8x6-83gt |
|
| 36 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 37 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 38 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 39 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 40 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 41 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 42 |
| vulnerability |
VCID-umd1-pmr4-4bgs |
|
| 43 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 44 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 45 |
| vulnerability |
VCID-y4g2-328f-qbge |
|
| 46 |
| vulnerability |
VCID-yc6t-am1p-x3ev |
|
| 47 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 48 |
| vulnerability |
VCID-ytd5-2swj-wkh1 |
|
| 49 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 50 |
| vulnerability |
VCID-ztjp-76rp-hfhk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.3 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.0-rc2 |
| purl |
pkg:composer/moodle/moodle@4.3.0-rc2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 5 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 6 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 7 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 8 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 9 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 10 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 11 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 12 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 13 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 14 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 15 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 16 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 17 |
| vulnerability |
VCID-dp61-6ban-cyda |
|
| 18 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 19 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 20 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 21 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 22 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 23 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 24 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 25 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 26 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 27 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 28 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 29 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 30 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 31 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 32 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 33 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 34 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 35 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 36 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 37 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 38 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 39 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 40 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 41 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 42 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 43 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 44 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 45 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 46 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.0-rc2 |
|
|
| aliases |
CVE-2023-5544, GHSA-j5xf-gv89-g422
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-utsj-g57g-cbeb |
|
| 54 |
| url |
VCID-vsrk-zp7j-w7bk |
| vulnerability_id |
VCID-vsrk-zp7j-w7bk |
| summary |
Moodle IDOR when deleting OAuth2 linked accounts
A flaw was found in Moodle. Additional checks were required to ensure users can only delete their OAuth2-linked accounts. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://bugzilla.redhat.com/show_bug.cgi?id=2309939 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-27T14:15:47Z/ |
|
|
| url |
https://bugzilla.redhat.com/show_bug.cgi?id=2309939 |
|
| 2 |
| reference_url |
https://github.com/moodle/moodle |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/moodle/moodle |
|
| 3 |
|
| 4 |
|
| 5 |
| reference_url |
https://moodle.org/security |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://moodle.org/security |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.7 |
| purl |
pkg:composer/moodle/moodle@4.3.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 5 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 6 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 7 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 8 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 9 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 10 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 11 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 12 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 13 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 14 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 15 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 16 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 17 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 18 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 19 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 20 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 21 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 22 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 23 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 24 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 25 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 26 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 27 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 28 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 29 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 30 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 31 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 32 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.7 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@4.4.3 |
| purl |
pkg:composer/moodle/moodle@4.4.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 5 |
| vulnerability |
VCID-44zf-1dw7-qkf5 |
|
| 6 |
| vulnerability |
VCID-4zvp-nmrk-4qbq |
|
| 7 |
| vulnerability |
VCID-5snb-dyv3-efe9 |
|
| 8 |
| vulnerability |
VCID-5xhb-mx3v-fuhs |
|
| 9 |
| vulnerability |
VCID-61ry-zz34-8qhj |
|
| 10 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 11 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 12 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 13 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 14 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 15 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 16 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 17 |
| vulnerability |
VCID-dr5e-6s1a-6uas |
|
| 18 |
| vulnerability |
VCID-f1da-1duc-2uhb |
|
| 19 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 20 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 21 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 22 |
| vulnerability |
VCID-hufb-p6pa-63c9 |
|
| 23 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 24 |
| vulnerability |
VCID-kwhy-pkt9-1kfe |
|
| 25 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 26 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 27 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 28 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 29 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 30 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 31 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 32 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 33 |
| vulnerability |
VCID-wby4-h9ud-1yh5 |
|
| 34 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 35 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 36 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 37 |
| vulnerability |
VCID-yby1-g45r-rugg |
|
| 38 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 39 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 40 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 41 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 42 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.3 |
|
|
| aliases |
CVE-2024-45690, GHSA-fhg2-r2h9-h7q8
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-vsrk-zp7j-w7bk |
|
| 55 |
| url |
VCID-wwny-t2ez-y3e1 |
| vulnerability_id |
VCID-wwny-t2ez-y3e1 |
| summary |
Moodle has insufficient capability checks
A flaw was found in moodle. Insufficient capability checks make it possible for users with access to restore glossaries in courses to restore them into the global site glossary. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://bugzilla.redhat.com/show_bug.cgi?id=2304263 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
|
| 1 |
| value |
2.7 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U |
|
| 2 |
| value |
LOW |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-12T14:57:03Z/ |
|
|
| url |
https://bugzilla.redhat.com/show_bug.cgi?id=2304263 |
|
| 3 |
| reference_url |
https://github.com/moodle/moodle |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
|
| 1 |
| value |
2.7 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U |
|
| 2 |
| value |
LOW |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/moodle/moodle |
|
| 4 |
| reference_url |
https://moodle.org/mod/forum/discuss.php?d=461205 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
|
| 1 |
| value |
2.7 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U |
|
| 2 |
| value |
LOW |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-12T14:57:03Z/ |
|
|
| url |
https://moodle.org/mod/forum/discuss.php?d=461205 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.6 |
| purl |
pkg:composer/moodle/moodle@4.3.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 5 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 6 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 7 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 8 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 9 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 10 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 11 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 12 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 13 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 14 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 15 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 16 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 17 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 18 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 19 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 20 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 21 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 22 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 23 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 24 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 25 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 26 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 27 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 28 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 29 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 30 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 31 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 32 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 33 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 34 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 35 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.6 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@4.4.2 |
| purl |
pkg:composer/moodle/moodle@4.4.2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 5 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 6 |
| vulnerability |
VCID-44zf-1dw7-qkf5 |
|
| 7 |
| vulnerability |
VCID-4zvp-nmrk-4qbq |
|
| 8 |
| vulnerability |
VCID-5snb-dyv3-efe9 |
|
| 9 |
| vulnerability |
VCID-5xhb-mx3v-fuhs |
|
| 10 |
| vulnerability |
VCID-61ry-zz34-8qhj |
|
| 11 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 12 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 13 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 14 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 15 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 16 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 17 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 18 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 19 |
| vulnerability |
VCID-dr5e-6s1a-6uas |
|
| 20 |
| vulnerability |
VCID-f1da-1duc-2uhb |
|
| 21 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 22 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 23 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 24 |
| vulnerability |
VCID-hufb-p6pa-63c9 |
|
| 25 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 26 |
| vulnerability |
VCID-jjsw-9p4b-m3e5 |
|
| 27 |
| vulnerability |
VCID-kwhy-pkt9-1kfe |
|
| 28 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 29 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 30 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 31 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 32 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 33 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 34 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 35 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 36 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 37 |
| vulnerability |
VCID-wby4-h9ud-1yh5 |
|
| 38 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 39 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 40 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 41 |
| vulnerability |
VCID-yby1-g45r-rugg |
|
| 42 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 43 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 44 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 45 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 46 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.2 |
|
|
| aliases |
CVE-2024-43435, GHSA-4gq2-x5w4-7hp8
|
| risk_score |
2.4 |
| exploitability |
0.5 |
| weighted_severity |
4.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-wwny-t2ez-y3e1 |
|
| 56 |
| url |
VCID-x1pc-1kuc-kug2 |
| vulnerability_id |
VCID-x1pc-1kuc-kug2 |
| summary |
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user who also has direct access to the web server outside of the Moodle webroot could utilise a local file include to achieve remote code execution. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@4.2.3 |
| purl |
pkg:composer/moodle/moodle@4.2.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 1 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 2 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 3 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 4 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 5 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 6 |
| vulnerability |
VCID-5ba5-pee7-6kh1 |
|
| 7 |
| vulnerability |
VCID-5s33-v19s-sqd6 |
|
| 8 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 9 |
| vulnerability |
VCID-6726-ca8y-4uez |
|
| 10 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 11 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 12 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 13 |
| vulnerability |
VCID-893t-9cja-43g2 |
|
| 14 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 15 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 16 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 17 |
| vulnerability |
VCID-b3vw-8hzh-dybx |
|
| 18 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 19 |
| vulnerability |
VCID-dp61-6ban-cyda |
|
| 20 |
| vulnerability |
VCID-evef-t6cx-vqcc |
|
| 21 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 22 |
| vulnerability |
VCID-gycn-bey2-4yam |
|
| 23 |
| vulnerability |
VCID-hmuw-bjax-37bz |
|
| 24 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 25 |
| vulnerability |
VCID-jkyc-esnt-p3ay |
|
| 26 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 27 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 28 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 29 |
| vulnerability |
VCID-mhh7-n7ut-hkh6 |
|
| 30 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 31 |
| vulnerability |
VCID-ms4e-v5zc-9kgc |
|
| 32 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 33 |
| vulnerability |
VCID-qabh-bpmn-1ye5 |
|
| 34 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 35 |
| vulnerability |
VCID-r1ug-e8x6-83gt |
|
| 36 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 37 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 38 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 39 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 40 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 41 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 42 |
| vulnerability |
VCID-umd1-pmr4-4bgs |
|
| 43 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 44 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 45 |
| vulnerability |
VCID-y4g2-328f-qbge |
|
| 46 |
| vulnerability |
VCID-yc6t-am1p-x3ev |
|
| 47 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 48 |
| vulnerability |
VCID-ytd5-2swj-wkh1 |
|
| 49 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 50 |
| vulnerability |
VCID-ztjp-76rp-hfhk |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.3 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.0-rc2 |
| purl |
pkg:composer/moodle/moodle@4.3.0-rc2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 5 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 6 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 7 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 8 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 9 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 10 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 11 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 12 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 13 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 14 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 15 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 16 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 17 |
| vulnerability |
VCID-dp61-6ban-cyda |
|
| 18 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 19 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 20 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 21 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 22 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 23 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 24 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 25 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 26 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 27 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 28 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 29 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 30 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 31 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 32 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 33 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 34 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 35 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 36 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 37 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 38 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 39 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 40 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 41 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 42 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 43 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 44 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 45 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 46 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.0-rc2 |
|
|
| aliases |
CVE-2023-5550, GHSA-5cvx-cwpx-9rjh
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-x1pc-1kuc-kug2 |
|
| 57 |
| url |
VCID-y4g2-328f-qbge |
| vulnerability_id |
VCID-y4g2-328f-qbge |
| summary |
Moodle Authenticated LFI risk in some misconfigured shared hosting environments
In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user with both access to restore workshop modules and direct access to the web server outside of the Moodle webroot could execute a local file include. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@4.2.7 |
| purl |
pkg:composer/moodle/moodle@4.2.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 1 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 2 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 3 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 4 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 5 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 6 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 7 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 8 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 9 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 10 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 11 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 12 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 13 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 14 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 15 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 16 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 17 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 18 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 19 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 20 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 21 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 22 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 23 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 24 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 25 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 26 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 27 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 28 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 29 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 30 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 31 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.7 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.4 |
| purl |
pkg:composer/moodle/moodle@4.3.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 4 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 5 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 6 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 7 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 8 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 9 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 10 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 11 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 12 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 13 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 14 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 15 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 16 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 17 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 18 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 19 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 20 |
| vulnerability |
VCID-cjvx-m4xg-p7hb |
|
| 21 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 22 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 23 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 24 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 25 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 26 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 27 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 28 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 29 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 30 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 31 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 32 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 33 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 34 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 35 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 36 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 37 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 38 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 39 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 40 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 41 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 42 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 43 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 44 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 45 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 46 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 47 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 48 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 49 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 50 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 51 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 52 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 53 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 54 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 55 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.4 |
|
|
| aliases |
CVE-2024-34003, GHSA-jg4f-8w9x-jv35
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-y4g2-328f-qbge |
|
| 58 |
| url |
VCID-yc6t-am1p-x3ev |
| vulnerability_id |
VCID-yc6t-am1p-x3ev |
| summary |
Authorization Bypass in moodle
Insufficient checks in a web service made it possible to add comments to the comments block on another user's dashboard when it was not otherwise available (e.g., on their profile page). |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://bugzilla.redhat.com/show_bug.cgi?id=2264099 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
3.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T18:32:00Z/ |
|
|
| url |
https://bugzilla.redhat.com/show_bug.cgi?id=2264099 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
| reference_url |
https://moodle.org/mod/forum/discuss.php?d=455641 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
3.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N |
|
| 1 |
| value |
5.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T18:32:00Z/ |
|
|
| url |
https://moodle.org/mod/forum/discuss.php?d=455641 |
|
| 7 |
|
| 8 |
|
| 9 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@4.2.6 |
| purl |
pkg:composer/moodle/moodle@4.2.6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 1 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 2 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 3 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 4 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 5 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 6 |
| vulnerability |
VCID-5ba5-pee7-6kh1 |
|
| 7 |
| vulnerability |
VCID-5s33-v19s-sqd6 |
|
| 8 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 9 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 10 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 11 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 12 |
| vulnerability |
VCID-893t-9cja-43g2 |
|
| 13 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 14 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 15 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 16 |
| vulnerability |
VCID-b3vw-8hzh-dybx |
|
| 17 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 18 |
| vulnerability |
VCID-dp61-6ban-cyda |
|
| 19 |
| vulnerability |
VCID-evef-t6cx-vqcc |
|
| 20 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 21 |
| vulnerability |
VCID-hmuw-bjax-37bz |
|
| 22 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 23 |
| vulnerability |
VCID-jkyc-esnt-p3ay |
|
| 24 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 25 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 26 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 27 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 28 |
| vulnerability |
VCID-ms4e-v5zc-9kgc |
|
| 29 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 30 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 31 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 32 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 33 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 34 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 35 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 36 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 37 |
| vulnerability |
VCID-umd1-pmr4-4bgs |
|
| 38 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 39 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 40 |
| vulnerability |
VCID-y4g2-328f-qbge |
|
| 41 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 42 |
| vulnerability |
VCID-ytd5-2swj-wkh1 |
|
| 43 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.6 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.3 |
| purl |
pkg:composer/moodle/moodle@4.3.3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 4 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 5 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 6 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 7 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 8 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 9 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 10 |
| vulnerability |
VCID-5ba5-pee7-6kh1 |
|
| 11 |
| vulnerability |
VCID-5s33-v19s-sqd6 |
|
| 12 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 13 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 14 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 15 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 16 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 17 |
| vulnerability |
VCID-84hx-be7m-pfa1 |
|
| 18 |
| vulnerability |
VCID-893t-9cja-43g2 |
|
| 19 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 20 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 21 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 22 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 23 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 24 |
| vulnerability |
VCID-b3vw-8hzh-dybx |
|
| 25 |
| vulnerability |
VCID-cjvx-m4xg-p7hb |
|
| 26 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 27 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 28 |
| vulnerability |
VCID-dp61-6ban-cyda |
|
| 29 |
| vulnerability |
VCID-evef-t6cx-vqcc |
|
| 30 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 31 |
| vulnerability |
VCID-fz5m-54ja-sbg4 |
|
| 32 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 33 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 34 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 35 |
| vulnerability |
VCID-hmuw-bjax-37bz |
|
| 36 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 37 |
| vulnerability |
VCID-jdpb-f21j-tqa4 |
|
| 38 |
| vulnerability |
VCID-jkyc-esnt-p3ay |
|
| 39 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 40 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 41 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 42 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 43 |
| vulnerability |
VCID-ms4e-v5zc-9kgc |
|
| 44 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 45 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 46 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 47 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 48 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 49 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 50 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 51 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 52 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 53 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 54 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 55 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 56 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 57 |
| vulnerability |
VCID-umd1-pmr4-4bgs |
|
| 58 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 59 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 60 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 61 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 62 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 63 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 64 |
| vulnerability |
VCID-y4g2-328f-qbge |
|
| 65 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 66 |
| vulnerability |
VCID-ytd5-2swj-wkh1 |
|
| 67 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 68 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 69 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 70 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.3 |
|
|
| aliases |
CVE-2024-25983, GHSA-9r26-5w88-qhp9
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-yc6t-am1p-x3ev |
|
| 59 |
| url |
VCID-ykj6-ptd4-7qfs |
| vulnerability_id |
VCID-ykj6-ptd4-7qfs |
| summary |
Moodle affected by a code injection vulnerability
A flaw was found in Moodle. An attacker with access to the restore interface could trigger server-side execution of arbitrary code. This is due to insufficient validation of restore input, which leads to unintended interpretation by core restore routines. Successful exploitation could result in a full compromise of the Moodle application. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2025-67847, GHSA-xvmh-25jw-gmmm
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ykj6-ptd4-7qfs |
|
| 60 |
| url |
VCID-ytd5-2swj-wkh1 |
| vulnerability_id |
VCID-ytd5-2swj-wkh1 |
| summary |
Moodle Authenticated LFI risk in some misconfigured shared hosting environments
In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user with both access to restore wiki modules and direct access to the web server outside of the Moodle webroot could execute a local file include. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@4.2.7 |
| purl |
pkg:composer/moodle/moodle@4.2.7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 1 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 2 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 3 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 4 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 5 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 6 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 7 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 8 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 9 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 10 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 11 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 12 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 13 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 14 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 15 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 16 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 17 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 18 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 19 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 20 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 21 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 22 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 23 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 24 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 25 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 26 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 27 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 28 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 29 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 30 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 31 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.7 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.4 |
| purl |
pkg:composer/moodle/moodle@4.3.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-21mq-pewz-ekdt |
|
| 4 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 5 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 6 |
| vulnerability |
VCID-2wsu-7rzh-h7cs |
|
| 7 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 8 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 9 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 10 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 11 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 12 |
| vulnerability |
VCID-6p1s-2r14-z7ax |
|
| 13 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 14 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 15 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 16 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 17 |
| vulnerability |
VCID-9xk9-qb9x-jfcs |
|
| 18 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 19 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 20 |
| vulnerability |
VCID-cjvx-m4xg-p7hb |
|
| 21 |
| vulnerability |
VCID-d92c-j4yy-fud3 |
|
| 22 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 23 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 24 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 25 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 26 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 27 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 28 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 29 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 30 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 31 |
| vulnerability |
VCID-mnx8-118d-efcr |
|
| 32 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 33 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 34 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 35 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 36 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 37 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 38 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 39 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 40 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 41 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 42 |
| vulnerability |
VCID-t8vm-tfnq-5kak |
|
| 43 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 44 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 45 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 46 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 47 |
| vulnerability |
VCID-wwny-t2ez-y3e1 |
|
| 48 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 49 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 50 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 51 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 52 |
| vulnerability |
VCID-z5u9-5522-h7fx |
|
| 53 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 54 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 55 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.4 |
|
|
| aliases |
CVE-2024-34004, GHSA-q3cm-ccrm-2mr6
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ytd5-2swj-wkh1 |
|
| 61 |
| url |
VCID-z5u9-5522-h7fx |
| vulnerability_id |
VCID-z5u9-5522-h7fx |
| summary |
moodle: Some users can delete audiences of other reports
A vulnerability was found in Moodle. Users with access to delete audiences from reports could delete audiences from other reports that they do not have permission to delete from. |
| references |
|
| fixed_packages |
| 0 |
|
| 1 |
| url |
pkg:composer/moodle/moodle@4.3.8 |
| purl |
pkg:composer/moodle/moodle@4.3.8 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 5 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 6 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 7 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 8 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 9 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 10 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 11 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 12 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 13 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 14 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 15 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 16 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 17 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 18 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 19 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 20 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 21 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 22 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 23 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 24 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 25 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 26 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 27 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 28 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.8 |
|
| 2 |
| url |
pkg:composer/moodle/moodle@4.4.4 |
| purl |
pkg:composer/moodle/moodle@4.4.4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 5 |
| vulnerability |
VCID-44zf-1dw7-qkf5 |
|
| 6 |
| vulnerability |
VCID-4zvp-nmrk-4qbq |
|
| 7 |
| vulnerability |
VCID-5snb-dyv3-efe9 |
|
| 8 |
| vulnerability |
VCID-5xhb-mx3v-fuhs |
|
| 9 |
| vulnerability |
VCID-61ry-zz34-8qhj |
|
| 10 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 11 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 12 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 13 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 14 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 15 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 16 |
| vulnerability |
VCID-dr5e-6s1a-6uas |
|
| 17 |
| vulnerability |
VCID-f1da-1duc-2uhb |
|
| 18 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 19 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 20 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 21 |
| vulnerability |
VCID-hufb-p6pa-63c9 |
|
| 22 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 23 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 24 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 25 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 26 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 27 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 28 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 29 |
| vulnerability |
VCID-wby4-h9ud-1yh5 |
|
| 30 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 31 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 32 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 33 |
| vulnerability |
VCID-yby1-g45r-rugg |
|
| 34 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 35 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 36 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 37 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.4 |
|
|
| aliases |
CVE-2024-48898, GHSA-fjq9-452g-jg3q
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-z5u9-5522-h7fx |
|
| 62 |
| url |
VCID-ztjp-76rp-hfhk |
| vulnerability_id |
VCID-ztjp-76rp-hfhk |
| summary |
Moodle Improper Access Control vulnerability
Students in "Only see own membership" groups could see other students in the group, which should be hidden. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://bugzilla.redhat.com/show_bug.cgi?id=2243441 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
3.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-21T17:05:11Z/ |
|
|
| url |
https://bugzilla.redhat.com/show_bug.cgi?id=2243441 |
|
| 3 |
|
| 4 |
|
| 5 |
| reference_url |
https://moodle.org/mod/forum/discuss.php?d=451583 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
3.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
|
| 2 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-21T17:05:11Z/ |
|
|
| url |
https://moodle.org/mod/forum/discuss.php?d=451583 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:composer/moodle/moodle@4.3.0-rc2 |
| purl |
pkg:composer/moodle/moodle@4.3.0-rc2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-17k8-g4xw-b7g9 |
|
| 1 |
| vulnerability |
VCID-1efm-18zh-w7gm |
|
| 2 |
| vulnerability |
VCID-1wup-hjxg-f7g4 |
|
| 3 |
| vulnerability |
VCID-29mv-feyq-guew |
|
| 4 |
| vulnerability |
VCID-2urf-d2qr-abdy |
|
| 5 |
| vulnerability |
VCID-3nu2-1cwj-sfdd |
|
| 6 |
| vulnerability |
VCID-3nvq-s7y5-fufr |
|
| 7 |
| vulnerability |
VCID-3yre-ft3n-2fd3 |
|
| 8 |
| vulnerability |
VCID-657g-68tv-dkam |
|
| 9 |
| vulnerability |
VCID-6cvg-r9am-wbh5 |
|
| 10 |
| vulnerability |
VCID-7p54-yn8k-aydw |
|
| 11 |
| vulnerability |
VCID-7trf-g8dq-tua1 |
|
| 12 |
| vulnerability |
VCID-8uah-srba-6ubb |
|
| 13 |
| vulnerability |
VCID-9rqr-xzr8-5fgf |
|
| 14 |
| vulnerability |
VCID-a1ek-x154-5ydy |
|
| 15 |
| vulnerability |
VCID-ajrr-8392-kkcw |
|
| 16 |
| vulnerability |
VCID-dky9-v96e-pubh |
|
| 17 |
| vulnerability |
VCID-dp61-6ban-cyda |
|
| 18 |
| vulnerability |
VCID-ffp4-23na-rkgr |
|
| 19 |
| vulnerability |
VCID-g3km-hbas-x3cg |
|
| 20 |
| vulnerability |
VCID-gwnb-e3gt-kqcb |
|
| 21 |
| vulnerability |
VCID-gzdw-424p-mqfa |
|
| 22 |
| vulnerability |
VCID-j3ts-5ghc-4qct |
|
| 23 |
| vulnerability |
VCID-m2a7-q28u-1yfw |
|
| 24 |
| vulnerability |
VCID-m3jj-r66a-d7cv |
|
| 25 |
| vulnerability |
VCID-m9tk-fa8m-zbah |
|
| 26 |
| vulnerability |
VCID-nctp-rev5-puej |
|
| 27 |
| vulnerability |
VCID-pd2f-4kxt-bkgp |
|
| 28 |
| vulnerability |
VCID-pged-191y-quhm |
|
| 29 |
| vulnerability |
VCID-qruy-fs4p-43h1 |
|
| 30 |
| vulnerability |
VCID-r4m3-9prr-dkby |
|
| 31 |
| vulnerability |
VCID-r5w9-cbyk-hqc6 |
|
| 32 |
| vulnerability |
VCID-rcr9-z41f-sqbr |
|
| 33 |
| vulnerability |
VCID-rm2q-xde7-a3ej |
|
| 34 |
| vulnerability |
VCID-sdxf-f1b3-t3cc |
|
| 35 |
| vulnerability |
VCID-sgdq-5ha7-nfh2 |
|
| 36 |
| vulnerability |
VCID-tgs8-3n7x-cyc1 |
|
| 37 |
| vulnerability |
VCID-ueyy-v42v-7ydh |
|
| 38 |
| vulnerability |
VCID-vsrk-zp7j-w7bk |
|
| 39 |
| vulnerability |
VCID-vve8-f9s9-v7ft |
|
| 40 |
| vulnerability |
VCID-wwx4-ns21-k3hd |
|
| 41 |
| vulnerability |
VCID-wytb-bryq-yqb4 |
|
| 42 |
| vulnerability |
VCID-xqha-pgc4-3udb |
|
| 43 |
| vulnerability |
VCID-ykj6-ptd4-7qfs |
|
| 44 |
| vulnerability |
VCID-z693-m8fg-63cc |
|
| 45 |
| vulnerability |
VCID-zjqu-hbpf-9qe1 |
|
| 46 |
| vulnerability |
VCID-zrjj-atms-8uf9 |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.0-rc2 |
|
|
| aliases |
CVE-2023-5542, GHSA-8mm2-m2gp-c6x2
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ztjp-76rp-hfhk |
|