moodle/moodle vulnerabilities

Moodle - the world's open source learning platform

Latest version: v3.10.4

Licenses detected

  • license: GPL-3.0 < v2.5.0-beta, >= v2.3.4,>= v3.2.0-beta
  • Multiple licenses: GPL-3.0, LGPL-2.1, MIT < v3.2.0-beta, >= v2.5.0-beta
Continuously find & fix vulnerabilities like these in your dependencies. Test and protect your applications

Direct Vulnerabilities

Known vulnerabilities in the moodle/moodle package. This does not include vulnerabilities belonging to this package’s dependencies.

Report new vulnerabilities
Vulnerability Vulnerable versions Snyk patch Published
  • L
Improper Authentication
>=3.5, <3.5.8,>=3.6, <3.6.6,>=3.7, <3.7.2 Not available 21 Mar, 2021
  • M
Open Redirect
>=3.5, <3.5.8,>=3.6, <3.6.6,>=3.7, <3.7.2 Not available 21 Mar, 2021
  • M
Open Redirect
>=3.5, <3.5.8,>=3.6, <3.6.6,>=3.7, <3.7.2 Not available 21 Mar, 2021
  • M
Improper Authorization
>=3.5, <3.5.8,>=3.6, <3.6.6,>=3.7, <3.7.2 Not available 21 Mar, 2021
  • M
Cross-site Scripting (XSS)
>=3.10.0-beta, <3.10.2,>=3.9.0-beta, <3.9.5,>=3.6.0-beta, <3.8.8,<3.5.17 Not available 16 Mar, 2021
  • M
Information Exposure
>=3.10.0-beta, <3.10.2,>=3.9.0-beta, <3.9.5,>=3.6.0-beta, <3.8.8,<3.5.17 Not available 16 Mar, 2021
  • M
Cross-site Scripting (XSS)
>=3.10.0-beta, <3.10.2,>=3.9.0-beta, <3.9.5,>=3.6.0-beta, <3.8.8,<3.5.17 Not available 16 Mar, 2021
  • M
Improper Authorization
>=3.10.0-beta, <3.10.2,>=3.9.0-beta, <3.9.5,>=3.6.0-beta, <3.8.8,<3.5.17 Not available 16 Mar, 2021
  • M
Information Exposure
>=3.10.0-beta, <3.10.2,>=3.9.0-beta, <3.9.5,>=3.6.0-beta, <3.8.8,<3.5.17 Not available 16 Mar, 2021
  • M
Cross-site Scripting (XSS)
>=3.10.0, <3.10.1 Not available 29 Jan, 2021
  • L
Information Disclosure
>=3.10.0, <3.10.1,>=3.9.0, <3.9.4,>=3.8.0, <3.8.7 Not available 29 Jan, 2021
  • L
Denial of Service (DoS)
>=3.10.0, <3.10.1,>=3.9.0, <3.9.4,>=3.8.0, <3.8.7,>3.5.0, <3.5.16 Not available 29 Jan, 2021
  • H
Cross-site Scripting (XSS)
>=3.9.0, <3.9.2 Not available 09 Dec, 2020
  • M
Denial of Service (DoS)
>=3.9.0, <3.9.1,>=3.8.0, <3.8.4,>=3.7.0, <3.7.7,<3.5.13 Not available 08 Dec, 2020
  • H
Cross-site Scripting (XSS)
>=3.9.0, <3.9.2,>=3.8.0, <3.8.5,>=3.7.0, <3.7.8 Not available 08 Dec, 2020
  • H
Privilege Escalation
>=3.9.0, <3.9.1,>=3.8.0, <3.8.4,>=3.7.0, <3.7.7,<3.5.13 Not available 08 Dec, 2020
  • H
Cross-site Scripting (XSS)
>=3.9.0, <3.9.1,>=3.8.0, <3.8.4,>=3.7.0, <3.7.7,<3.5.13 Not available 08 Dec, 2020
  • M
Improper Access Control
<3.5.15,>=3.7.0, <3.7.9,>=3.8.0, <3.8.6,>=3.9.0, <3.9.3 Not available 20 Nov, 2020
  • M
Improper Access Control
<3.5.15,>=3.7.0, <3.7.9,>=3.8.0, <3.8.6,>=3.9.0, <3.9.3 Not available 20 Nov, 2020
  • M
Sensitive Data Exposure
>=3.7.0, <3.7.9,>=3.8.0, <3.8.6,>=3.9.0, <3.9.3 Not available 20 Nov, 2020
  • M
Cross-site Scripting (XSS)
>=3.9.0, <3.9.3 Not available 20 Nov, 2020
  • M
Improper Access Control
<3.5.15,>=3.7.0, <3.7.9,>=3.8.0, <3.8.6,>=3.9.0, <3.9.3 Not available 20 Nov, 2020
  • H
Arbitrary Code Execution
>=3.8.0, <3.8.3,>=3.7.0, <3.7.6,>=3.6.0, <3.6.10,>=3.5.0, <3.5.12 Not available 22 May, 2020
  • H
Information Exposure
<3.7.2 Not available 17 Feb, 2020
  • L
Information Exposure
>=3.6, <3.6.4 Not available 26 Jun, 2019
  • M
Open Redirect
<3.1.18,>=3.4, <3.4.9,>=3.5, <3.5.6,>=3.6, <3.6.4 Not available 26 Jun, 2019
  • L
Security Issue
<3.1.17,>=3.4.0, <3.4.8,>=3.5.0, <3.5.5,>=3.6.0, <3.6.3 Not available 27 Mar, 2019
  • M
Information Exposure
>=3.4.0, <3.4.8,>=3.5.0, <3.5.5,>=3.6.0, <3.6.3 Not available 26 Mar, 2019