Описание
An issue in the logic used to check 0.0.0.0 against the cURL blocked hosts lists resulted in an SSRF risk. This flaw affects Moodle versions 4.2, 4.1 to 4.1.3, 4.0 to 4.0.8, 3.11 to 3.11.14, 3.9 to 3.9.21 and earlier unsupported versions.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support |
| devel | DNE | |
| esm-apps/bionic | needs-triage | |
| esm-apps/xenial | needs-triage | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| jammy | DNE | |
| kinetic | DNE | |
| lunar | DNE | |
| mantic | DNE |
Показывать по
10
EPSS
Процентиль: 58%
0.00366
Низкий
7.5 High
CVSS3
Связанные уязвимости
CVSS3: 7.5
nvd
почти 3 года назад
An issue in the logic used to check 0.0.0.0 against the cURL blocked hosts lists resulted in an SSRF risk. This flaw affects Moodle versions 4.2, 4.1 to 4.1.3, 4.0 to 4.0.8, 3.11 to 3.11.14, 3.9 to 3.9.21 and earlier unsupported versions.
CVSS3: 7.5
debian
почти 3 года назад
An issue in the logic used to check 0.0.0.0 against the cURL blocked h ...
CVSS3: 7.5
github
почти 3 года назад
Moodle vulnerable to Server Side Request Forgery
EPSS
Процентиль: 58%
0.00366
Низкий
7.5 High
CVSS3