BIT-moodle-2024-43426

See a problem?

Import Source

https://github.com/bitnami/vulndb/tree/main/data/moodle/BIT-moodle-2024-43426.json

JSON Data

https://api.osv.dev/v1/vulns/BIT-moodle-2024-43426

Aliases

Published

2025-08-06T05:49:42.427Z

Modified

2025-08-06T06:29:17.559683Z

Summary

Moodle: arbitrary file read risk through pdftex

Details

A flaw was found in pdfTeX. Insufficient sanitizing in the TeX notation filter resulted in an arbitrary file read risk on sites where pdfTeX is available, such as those with TeX Live installed.

Database specific

{
    "cpes": [
        "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*"
    ],
    "severity": "High"
}

References

Affected packages

Bitnami / moodle

Package

Name: moodle
Purl: pkg:bitnami/moodle

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Affected ranges

Type: SEMVER
Events: Introduced

4.1.0

Fixed

4.1.12

Introduced

4.2.0

Fixed

4.2.9

Introduced

4.3.0

Fixed

4.3.6

Introduced

4.4.0

Fixed

4.4.2

Database specific

source

"https://github.com/bitnami/vulndb/tree/main/data/moodle/BIT-moodle-2024-43426.json"