GHSA-cg8j-5cr2-568q

Опубликовано: 21 фев. 2026

Источник: github

Github: Прошло ревью

CVSS3: 6.5

Описание

Moodle TeX formula editor is vulnerable to DoS through lack of execution time limits

A Denial of Service vulnerability was identified in Moodle’s TeX formula editor. When rendering TeX content using mimetex, insufficient execution time limits could allow specially crafted formulas to consume excessive server resources. An authenticated user could abuse this behavior to degrade performance or cause service interruption.

Ссылки

Пакеты

Наименование

moodle/moodle

composer

Затронутые версииВерсия исправления

>= 5.1.0-beta, < 5.1.2

5.1.2

Наименование

moodle/moodle

composer

Затронутые версииВерсия исправления

>= 5.0.0-beta, < 5.0.5

5.0.5

Наименование

moodle/moodle

composer

Затронутые версииВерсия исправления

< 4.5.9

4.5.9

EPSS

Процентиль: 20%

0.00066

Низкий

6.5 Medium

CVSS3

CVE ID

CVE-2026-26047

Дефекты

CWE-400

CWE-770

Связанные уязвимости

CVE-2026-26047

CVSS3: 6.5

ubuntu

около 1 месяца назад

A denial-of-service vulnerability was identified in Moodle’s TeX formula editor. When rendering TeX content using mimetex, insufficient execution time limits could allow specially crafted formulas to consume excessive server resources. An authenticated user could abuse this behavior to degrade performance or cause service interruption.

CVE-2026-26047

CVSS3: 6.5

nvd

около 1 месяца назад

CVE-2026-26047

CVSS3: 6.5

debian

около 1 месяца назад

A denial-of-service vulnerability was identified in Moodle\u2019s TeX ...

EPSS

Процентиль: 20%

0.00066

Низкий

6.5 Medium

CVSS3

CVE ID

CVE-2026-26047

Дефекты

CWE-400

CWE-770