Search CVE reports
3511 – 3520 of 60314 results
A security vulnerability was discovered in Moodle that allows anyone to duplicate existing tours without needing to log in due to a lack of protection against cross-site request forgery (CSRF) attacks.
1 affected package
moodle
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| moodle | Not in release | Not in release | Not in release | Needs evaluation |
A flaw has was found in Moodle where anonymous assignment submissions can be de-anonymized via search, revealing student identities.
1 affected package
moodle
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| moodle | Not in release | Not in release | Not in release | Needs evaluation |
A security vulnerability was discovered in Moodle that allows some users to access sensitive information about other students before they finish verifying their identities using two-factor authentication (2FA).
1 affected package
moodle
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| moodle | Not in release | Not in release | Not in release | Needs evaluation |
A security vulnerability was discovered in Moodle that can allow hackers to gain access to sensitive information about students and prevent them from logging into their accounts, even after they had completed...
1 affected package
moodle
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| moodle | Not in release | Not in release | Not in release | Needs evaluation |
A flaw has been identified in Moodle where insufficient capability checks in certain grade reports allowed users without the necessary permissions to access hidden grades.
1 affected package
moodle
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| moodle | Not in release | Not in release | Not in release | Needs evaluation |
A flaw has been identified in Moodle where, on certain sites, unauthenticated users could retrieve sensitive user data—including names, contact information, and hashed passwords—via stack traces returned by specific API calls....
1 affected package
moodle
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| moodle | Not in release | Not in release | Not in release | Needs evaluation |
A security vulnerability was discovered in Moodle that allows students to enroll themselves in courses without completing all the necessary safety checks. Specifically, users can sign up for courses prematurely, even if they...
1 affected package
moodle
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| moodle | Not in release | Not in release | Not in release | Needs evaluation |
h11 is a Python implementation of HTTP/1.1. Prior to version 0.16.0, a leniency in h11's parsing of line terminators in chunked-coding message bodies can lead to request smuggling vulnerabilities under certain conditions. This...
1 affected package
python-h11
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| python-h11 | Fixed | Not affected | Not affected | — |
A flaw was found in libsoup. When libsoup clients encounter an HTTP redirect, they mistakenly send the HTTP Authorization header to the new host that the redirection points to. This allows the new host to impersonate the user to...
2 affected packages
libsoup3, libsoup2.4
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libsoup3 | Fixed | Fixed | Not in release | — |
| libsoup2.4 | Fixed | Fixed | Fixed | Fixed |
A flaw was found in libsoup. It is vulnerable to memory leaks in the soup_header_parse_quality_list() function when parsing a quality list that contains elements with all zeroes.
2 affected packages
libsoup2.4, libsoup3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libsoup2.4 | Fixed | Fixed | Fixed | Fixed |
| libsoup3 | Fixed | Fixed | Not in release | — |