Fedora Extra Packages For Enterprise Linux Vulnerabilities

Unrestricted Comment Access on Dashboard

CVE-2024-25983

FedoraMoodle5.3MEDIUM

Forum Export Flaw Allows Unauthorized Access to Non-Editing Teachers

CVE-2024-25981

FedoraMoodle5.3MEDIUM

Incorrect Group Restrictions in H5P Attempts Report

CVE-2024-25980

FedoraMoodle5.3MEDIUM

Msa-24-0002: forum search accepted random parameters in its url

CVE-2024-25979

FedoraMoodle5.3MEDIUM

Msa-24-0001: denial of service risk in file picker unzip functionality

CVE-2024-25978

FedoraMoodle7.5HIGH

Timing Variant of Bleichenbacher Attack Affects Cryptlib Cryptographic Library

CVE-2024-0202

Fedoracryptlib5.9MEDIUM

Untrusted Search Path Vulnerability in Yarn

CVE-2021-4435

FedoraYarn7.7HIGH

W3m: out-of-bounds write in function checktype() in etc.c (incomplete fix for cve-2022-38223)

CVE-2023-4255

FedoraW3m5.5MEDIUM

Tcpreplay: tcprewrite: double free in tcpedit_dlt_cleanup() in plugins/dlt_plugins.c

CVE-2023-4256

FedoraTcpreplay5.5MEDIUM

Openimageio: heap-buffer-overflow in file src/gif.imageio/gifinput.cpp

CVE-2023-3430

FedoraOpenImageIO7.5HIGH

Moodle: duplicating a bigbluebutton activity assigns the same meeting id

CVE-2023-5543

Fedoramoodle3.3LOW

Authenticated remote code execution risk in lesson

CVE-2023-5539

Fedoramoodle👾🟡8.8HIGH

Authenticated remote code execution risk in imscp

CVE-2023-5540

Fedoramoodle👾🟡8.8HIGH

Xss risk when using csv grade import method

CVE-2023-5541

Fedoramoodle6.1MEDIUM

Students can view other users in "only see own membership" groups

CVE-2023-5542

Fedoramoodle4.3MEDIUM

Stored xss and potential idor risk in wiki comments

CVE-2023-5544

Fedoramoodle5.4MEDIUM

Auto-populated h5p author name causes a potential information leak

CVE-2023-5545

Fedoramoodle5.3MEDIUM

Stored xss in quiz grading report via user id number

CVE-2023-5546

Fedoramoodle👾🟡5.4MEDIUM

Xss risk when previewing data in course upload tool

CVE-2023-5547

Fedoramoodle6.1MEDIUM

Cache poisoning risk with endpoint revision numbers

CVE-2023-5548

Fedoramoodle5.3MEDIUM

Insufficient capability checks when updating the parent of a course category

CVE-2023-5549

Fedoramoodle5.3MEDIUM

Rce due to lfi risk in some misconfigured shared hosting environments

CVE-2023-5550

Fedoramoodle9.8CRITICAL

Forum summary report shows students from other groups when in separate groups mode

CVE-2023-5551

Fedoramoodle3.3LOW

fedora Extra Packages For Enterprise Linux Vulnerabilities

Vulnerability Published:

Sort By:

19 February 2024

Unrestricted Comment Access on Dashboard

Forum Export Flaw Allows Unauthorized Access to Non-Editing Teachers

Incorrect Group Restrictions in H5P Attempts Report

Msa-24-0002: forum search accepted random parameters in its url

Msa-24-0001: denial of service risk in file picker unzip functionality

5 February 2024

Timing Variant of Bleichenbacher Attack Affects Cryptlib Cryptographic Library

4 February 2024

Untrusted Search Path Vulnerability in Yarn

21 December 2023

W3m: out-of-bounds write in function checktype() in etc.c (incomplete fix for cve-2022-38223)

Tcpreplay: tcprewrite: double free in tcpedit_dlt_cleanup() in plugins/dlt_plugins.c

18 December 2023

Openimageio: heap-buffer-overflow in file src/gif.imageio/gifinput.cpp

9 November 2023

Moodle: duplicating a bigbluebutton activity assigns the same meeting id

Authenticated remote code execution risk in lesson

Authenticated remote code execution risk in imscp

Xss risk when using csv grade import method

Students can view other users in "only see own membership" groups

Stored xss and potential idor risk in wiki comments

Auto-populated h5p author name causes a potential information leak

Stored xss in quiz grading report via user id number

Xss risk when previewing data in course upload tool

Cache poisoning risk with endpoint revision numbers

Insufficient capability checks when updating the parent of a course category

Rce due to lfi risk in some misconfigured shared hosting environments

Forum summary report shows students from other groups when in separate groups mode