Описание
The Repositories component in Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allows remote attackers to conduct PHP object injection attacks and execute arbitrary code via serialized data associated with an add-on.
Ссылки
- Patch
- Vendor Advisory
- Patch
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:moodle:moodle:2.4.0:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.4.1:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.4.2:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.4.3:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.4.4:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.4.5:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.4.6:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.4.7:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.4.8:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.4.9:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.4.10:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:a:moodle:moodle:2.5.0:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.5.1:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.5.2:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.5.3:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.5.4:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.5.5:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.5.6:*:*:*:*:*:*:*
Конфигурация 3
cpe:2.3:a:moodle:moodle:2.7.0:*:*:*:*:*:*:*
Конфигурация 4Версия до 2.3.11 (включая)
Одно из
cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.3.0:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.3.1:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.3.2:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.3.3:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.3.4:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.3.5:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.3.6:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.3.7:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.3.8:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.3.9:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.3.10:*:*:*:*:*:*:*
Конфигурация 5
Одно из
cpe:2.3:a:moodle:moodle:2.6.0:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.6.1:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.6.2:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.6.3:*:*:*:*:*:*:*
EPSS
Процентиль: 83%
0.01935
Низкий
7.5 High
CVSS2
Дефекты
CWE-94
Связанные уязвимости
ubuntu
почти 11 лет назад
The Repositories component in Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allows remote attackers to conduct PHP object injection attacks and execute arbitrary code via serialized data associated with an add-on.
debian
почти 11 лет назад
The Repositories component in Moodle through 2.3.11, 2.4.x before 2.4. ...
EPSS
Процентиль: 83%
0.01935
Низкий
7.5 High
CVSS2
Дефекты
CWE-94