Moodle — система управления образовательными электронными курсами

Релизный цикл, информация об уязвимостях

Продукт: Moodle

Вендор: moodle

График релизов

Недавние уязвимости Moodle

Количество 2 647

CVE-2024-43434

больше 1 года назад

The bulk message sending feature in Moodle's Feedback module's non-respondents report had an incorrect CSRF token check, leading to a CSRF vulnerability.

CVSS3: 8.1

EPSS: Низкий

CVE-2024-43434

больше 1 года назад

The bulk message sending feature in Moodle's Feedback module's non-res ...

CVSS3: 8.1

EPSS: Низкий

CVE-2024-43431

больше 1 года назад

A vulnerability was found in Moodle. Insufficient capability checks made it possible to delete badges that a user does not have permission to access.

CVSS3: 7.5

EPSS: Низкий

CVE-2024-43431

больше 1 года назад

A vulnerability was found in Moodle. Insufficient capability checks ma ...

CVSS3: 7.5

EPSS: Низкий

CVE-2024-43428

больше 1 года назад

To address a cache poisoning risk in Moodle, additional validation for local storage was required.

CVSS3: 7.7

EPSS: Низкий

CVE-2024-43428

больше 1 года назад

To address a cache poisoning risk in Moodle, additional validation for ...

CVSS3: 7.7

EPSS: Низкий

CVE-2024-43426

больше 1 года назад

A flaw was found in pdfTeX. Insufficient sanitizing in the TeX notation filter resulted in an arbitrary file read risk on sites where pdfTeX is available, such as those with TeX Live installed.

CVSS3: 7.5

EPSS: Низкий

CVE-2024-43426

больше 1 года назад

A flaw was found in pdfTeX. Insufficient sanitizing in the TeX notatio ...

CVSS3: 7.5

EPSS: Низкий

CVE-2024-43425

больше 1 года назад

A flaw was found in Moodle. Additional restrictions are required to avoid a remote code execution risk in calculated question types. Note: This requires the capability to add/update questions.

CVSS3: 8.1

EPSS: Высокий

CVE-2024-43425

больше 1 года назад

A flaw was found in Moodle. Additional restrictions are required to av ...

CVSS3: 8.1

EPSS: Высокий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано 1
CVE-2024-43434 The bulk message sending feature in Moodle's Feedback module's non-respondents report had an incorrect CSRF token check, leading to a CSRF vulnerability.	CVSS3: 8.1	0% Низкий	больше 1 года назад
CVE-2024-43434 The bulk message sending feature in Moodle's Feedback module's non-res ...	CVSS3: 8.1	0% Низкий	больше 1 года назад
CVE-2024-43431 A vulnerability was found in Moodle. Insufficient capability checks made it possible to delete badges that a user does not have permission to access.	CVSS3: 7.5	0% Низкий	больше 1 года назад
CVE-2024-43431 A vulnerability was found in Moodle. Insufficient capability checks ma ...	CVSS3: 7.5	0% Низкий	больше 1 года назад
CVE-2024-43428 To address a cache poisoning risk in Moodle, additional validation for local storage was required.	CVSS3: 7.7	0% Низкий	больше 1 года назад
CVE-2024-43428 To address a cache poisoning risk in Moodle, additional validation for ...	CVSS3: 7.7	0% Низкий	больше 1 года назад
CVE-2024-43426 A flaw was found in pdfTeX. Insufficient sanitizing in the TeX notation filter resulted in an arbitrary file read risk on sites where pdfTeX is available, such as those with TeX Live installed.	CVSS3: 7.5	1% Низкий	больше 1 года назад
CVE-2024-43426 A flaw was found in pdfTeX. Insufficient sanitizing in the TeX notatio ...	CVSS3: 7.5	1% Низкий	больше 1 года назад
CVE-2024-43425 A flaw was found in Moodle. Additional restrictions are required to avoid a remote code execution risk in calculated question types. Note: This requires the capability to add/update questions.	CVSS3: 8.1	89% Высокий	больше 1 года назад
CVE-2024-43425 A flaw was found in Moodle. Additional restrictions are required to av ...	CVSS3: 8.1	89% Высокий	больше 1 года назад

Уязвимостей на страницу