Total vulnerabilities in the database
The Repositories component in Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allows remote attackers to conduct PHP object injection attacks and execute arbitrary code via serialized data associated with an add-on.
| Software | From | Fixed in |
|---|---|---|
| moodle / moodle | 2.4.3 | 2.4.3.x |
| moodle / moodle | 2.4.1 | 2.4.1.x |
| moodle / moodle | 2.4.9 | 2.4.9.x |
| moodle / moodle | 2.4.2 | 2.4.2.x |
| moodle / moodle | 2.4.6 | 2.4.6.x |
| moodle / moodle | 2.4.4 | 2.4.4.x |
| moodle / moodle | 2.4.7 | 2.4.7.x |
| moodle / moodle | 2.4.5 | 2.4.5.x |
| moodle / moodle | 2.4.8 | 2.4.8.x |
| moodle / moodle | 2.4.10 | 2.4.10.x |
| moodle / moodle | 2.4.0 | 2.4.0.x |
| moodle / moodle | 2.5.1 | 2.5.1.x |
| moodle / moodle | 2.5.3 | 2.5.3.x |
| moodle / moodle | 2.5.5 | 2.5.5.x |
| moodle / moodle | 2.5.2 | 2.5.2.x |
| moodle / moodle | 2.5.6 | 2.5.6.x |
| moodle / moodle | 2.5.4 | 2.5.4.x |
| moodle / moodle | 2.5.0 | 2.5.0.x |
| moodle / moodle | 2.7.0 | 2.7.0.x |
| moodle / moodle | 2.3.8 | 2.3.8.x |
| moodle / moodle | 2.3.4 | 2.3.4.x |
| moodle / moodle | 2.3.1 | 2.3.1.x |
| moodle / moodle | 2.3.6 | 2.3.6.x |
| moodle / moodle | 2.3.10 | 2.3.10.x |
| moodle / moodle | 2.3.5 | 2.3.5.x |
| moodle / moodle | 2.3.3 | 2.3.3.x |
| moodle / moodle | - | 2.3.11.x |
| moodle / moodle | 2.3.7 | 2.3.7.x |
| moodle / moodle | 2.3.2 | 2.3.2.x |
| moodle / moodle | 2.3.9 | 2.3.9.x |
| moodle / moodle | 2.3.0 | 2.3.0.x |
| moodle / moodle | 2.6.1 | 2.6.1.x |
| moodle / moodle | 2.6.2 | 2.6.2.x |
| moodle / moodle | 2.6.3 | 2.6.3.x |
| moodle / moodle | 2.6.0 | 2.6.0.x |