Moodle — система управления образовательными электронными курсами
Релизный цикл, информация об уязвимостях
График релизов
Количество 2 703
GHSA-cg8j-5cr2-568q
Moodle TeX formula editor is vulnerable to DoS through lack of execution time limits
GHSA-ggxq-2mg9-8966
Moodle has a Remote Code Execution risk via file restore
GHSA-4g4j-v56v-2w79
A vulnerability was found in a Moodle TeX filter administrative setting where insufficient sanitization of configuration input could allow command injection. On sites where the TeX filter is enabled and ImageMagick is installed, a maliciously crafted setting value entered by an administrator could result in unintended system command execution. While exploitation requires administrative privileges, successful compromise could affect the entire Moodle server.
CVE-2026-26047
A denial-of-service vulnerability was identified in Moodle\u2019s TeX ...
CVE-2026-26047
A denial-of-service vulnerability was identified in Moodle’s TeX formula editor. When rendering TeX content using mimetex, insufficient execution time limits could allow specially crafted formulas to consume excessive server resources. An authenticated user could abuse this behavior to degrade performance or cause service interruption.
CVE-2026-26046
A vulnerability was found in a Moodle TeX filter administrative settin ...
CVE-2026-26046
A vulnerability was found in a Moodle TeX filter administrative setting where insufficient sanitization of configuration input could allow command injection. On sites where the TeX filter is enabled and ImageMagick is installed, a maliciously crafted setting value entered by an administrator could result in unintended system command execution. While exploitation requires administrative privileges, successful compromise could affect the entire Moodle server.
CVE-2026-26047
A denial-of-service vulnerability was identified in Moodle’s TeX formula editor. When rendering TeX content using mimetex, insufficient execution time limits could allow specially crafted formulas to consume excessive server resources. An authenticated user could abuse this behavior to degrade performance or cause service interruption.
CVE-2026-26046
A vulnerability was found in a Moodle TeX filter administrative setting where insufficient sanitization of configuration input could allow command injection. On sites where the TeX filter is enabled and ImageMagick is installed, a maliciously crafted setting value entered by an administrator could result in unintended system command execution. While exploitation requires administrative privileges, successful compromise could affect the entire Moodle server.
CVE-2026-26045
A flaw was identified in Moodle\u2019s backup restore functionality wh ...
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| GHSA-cg8j-5cr2-568q Moodle TeX formula editor is vulnerable to DoS through lack of execution time limits | CVSS3: 6.5 | 0% Низкий | около 1 месяца назад |
| GHSA-ggxq-2mg9-8966 Moodle has a Remote Code Execution risk via file restore | CVSS3: 7.2 | 0% Низкий | около 1 месяца назад |
| GHSA-4g4j-v56v-2w79 A vulnerability was found in a Moodle TeX filter administrative setting where insufficient sanitization of configuration input could allow command injection. On sites where the TeX filter is enabled and ImageMagick is installed, a maliciously crafted setting value entered by an administrator could result in unintended system command execution. While exploitation requires administrative privileges, successful compromise could affect the entire Moodle server. | CVSS3: 7.2 | 0% Низкий | около 1 месяца назад |
| CVE-2026-26047 A denial-of-service vulnerability was identified in Moodle\u2019s TeX ... | CVSS3: 6.5 | 0% Низкий | около 1 месяца назад |
 | CVE-2026-26047 A denial-of-service vulnerability was identified in Moodle’s TeX formula editor. When rendering TeX content using mimetex, insufficient execution time limits could allow specially crafted formulas to consume excessive server resources. An authenticated user could abuse this behavior to degrade performance or cause service interruption. | CVSS3: 6.5 | 0% Низкий | около 1 месяца назад |
| CVE-2026-26046 A vulnerability was found in a Moodle TeX filter administrative settin ... | CVSS3: 7.2 | 0% Низкий | около 1 месяца назад |
| CVE-2026-26046 A vulnerability was found in a Moodle TeX filter administrative setting where insufficient sanitization of configuration input could allow command injection. On sites where the TeX filter is enabled and ImageMagick is installed, a maliciously crafted setting value entered by an administrator could result in unintended system command execution. While exploitation requires administrative privileges, successful compromise could affect the entire Moodle server. | CVSS3: 7.2 | 0% Низкий | около 1 месяца назад |
 | CVE-2026-26047 A denial-of-service vulnerability was identified in Moodle’s TeX formula editor. When rendering TeX content using mimetex, insufficient execution time limits could allow specially crafted formulas to consume excessive server resources. An authenticated user could abuse this behavior to degrade performance or cause service interruption. | CVSS3: 6.5 | 0% Низкий | около 1 месяца назад |
| CVE-2026-26046 A vulnerability was found in a Moodle TeX filter administrative setting where insufficient sanitization of configuration input could allow command injection. On sites where the TeX filter is enabled and ImageMagick is installed, a maliciously crafted setting value entered by an administrator could result in unintended system command execution. While exploitation requires administrative privileges, successful compromise could affect the entire Moodle server. | CVSS3: 7.2 | 0% Низкий | около 1 месяца назад |
| CVE-2026-26045 A flaw was identified in Moodle\u2019s backup restore functionality wh ... | CVSS3: 7.2 | 0% Низкий | около 1 месяца назад |
Уязвимостей на страницу