Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2025-32044

Опубликовано: 25 апр. 2025
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS3: 7.5

Описание

A flaw has been identified in Moodle where, on certain sites, unauthenticated users could retrieve sensitive user data—including names, contact information, and hashed passwords—via stack traces returned by specific API calls. Sites with PHP configured with zend.exception_ignore_args = 1 in the php.ini file are not affected by this vulnerability.

РелизСтатусПримечание
devel

DNE

esm-apps/bionic

needs-triage

esm-apps/xenial

needs-triage

esm-infra/focal

DNE

focal

DNE

jammy

DNE

noble

DNE

oracular

DNE

plucky

DNE

upstream

needs-triage

Показывать по

EPSS

Процентиль: 26%
0.00088
Низкий

7.5 High

CVSS3

Связанные уязвимости

CVSS3: 7.5
nvd
3 месяца назад

A flaw has been identified in Moodle where, on certain sites, unauthenticated users could retrieve sensitive user data—including names, contact information, and hashed passwords—via stack traces returned by specific API calls. Sites with PHP configured with zend.exception_ignore_args = 1 in the php.ini file are not affected by this vulnerability.

CVSS3: 7.5
debian
3 месяца назад

A flaw has been identified in Moodle where, on certain sites, unauthen ...

CVSS3: 7.5
github
3 месяца назад

Moodle allows unauthenticated REST API user data exposure

CVSS3: 7.5
fstec
3 месяца назад

Уязвимость виртуальной обучающей среды Moodle, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации

CVSS3: 7.5
redos
около 2 месяцев назад

Множественные уязвимости moodle

EPSS

Процентиль: 26%
0.00088
Низкий

7.5 High

CVSS3