Lucene search
FedoraCVELIST:CVE-2022-35649HistoryJul 25, 2022 - 3:27 p.m.
CVE-2022-35649
2022-07-2515:27:27
CWE-94
fedora
www.cve.org
2
moodle
postscript code
input validation
remote code execution
ghostscript
The vulnerability was found in Moodle, occurs due to improper input validation when parsing PostScript code. An omitted execution parameter results in a remote code execution risk for sites running GhostScript versions older than 9.50. Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
CNA Affected
[
{
"product": "Moodle",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in moodle 4.0.2, moodle 3.11.8, moodle 3.9.15"
}
]
}
]References
git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-75044
bugzilla.redhat.com/show_bug.cgi?id=2106273
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6MOKYVRNFNAODP2XSMGJ5CRDUZCZKAR3/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTKUSFPSYFINSQFSOHDQIDVE6FWBEU6V/
moodle.org/mod/forum/discuss.php?d=436456
Related
cnvd
cnvd
Moodle Input Validation Error Vulnerability (CNVD-2022-54911)
2022-07-20 00:00:00
nvd
nvd
CVE-2022-35649
2022-07-25 16:15:08
osv
osv
Moodle PostScript Code Injection
2022-07-26 00:00:29
BIT-moodle-2022-35649
2024-03-06 11:03:56
CVE-2022-35649
2022-07-25 16:15:08
ubuntucve
ubuntucve
CVE-2022-35649
2022-07-25 00:00:00
githubexploit
githubexploit
Exploit for Code Injection in Moodle
2023-03-06 10:09:59
veracode
veracode
Remote Code Execution (RCE)
2022-07-25 22:01:46
github
github
Moodle PostScript Code Injection
2022-07-26 00:00:29
cve
cve
CVE-2022-35649
2022-07-25 16:15:08
prion
prion
Input validation
2022-07-25 16:15:00
openvas
openvas
Fedora: Security Advisory for moodle (FEDORA-2022-7e7ce7df2e)
2022-07-28 00:00:00
Fedora: Security Advisory for moodle (FEDORA-2022-81ce74b2dd)
2022-07-28 00:00:00
Moodle <= 3.9.14, 3.10 <= 3.11.7, 4.0 <= 4.0.1 Multiple Vulnerabilities
2022-07-26 00:00:00
nessus
nessus
Moodle 3.9.x < 3.9.15 Multiple Vulnerabilities
2023-02-20 00:00:00
Moodle 3.11.x < 3.11.8 Multiple Vulnerabilities
2023-02-20 00:00:00
Moodle 4.0.x < 4.0.2 Multiple Vulnerabilities
2023-02-20 00:00:00
fedora
fedora
[SECURITY] Fedora 36 Update: moodle-3.11.8-1.fc36
2022-07-27 02:24:14
[SECURITY] Fedora 35 Update: moodle-3.11.8-1.fc35
2022-07-27 02:35:50
redos
redos
ROS-20221013-02
2022-10-13 00:00:00