[Git][security-tracker-team/security-tracker][master] Process some new moodle CVEs

Salvatore Bonaccorso (@carnil) Mon, 24 Feb 2025 22:40:03 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
b0541631 by Salvatore Bonaccorso at 2025-02-25T07:39:31+01:00
Process some new moodle CVEs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -114,21 +114,21 @@ CVE-2025-26803 (The http parser in Phusion Passenger 
6.0.21 through 6.0.25 befor
        NOTE: Introduced with: 
https://github.com/phusion/passenger/commit/f51fc490472882b236c52d708d605a1961dacb18
 (release-6.0.21)
        NOTE: Fixed by: 
https://github.com/phusion/passenger/commit/bb15591646687064ab2d578d5f9660b2a4168017
 (release-6.0.26)
 CVE-2025-26532 (Additional checks were required to ensure trusttext is applied 
(when e ...)
-       TODO: check
+       - moodle <removed>
 CVE-2025-26531 (Insufficient capability checks made it possible to disable 
badges a us ...)
-       TODO: check
+       - moodle <removed>
 CVE-2025-26530 (The question bank filter required additional sanitizing to 
prevent a r ...)
-       TODO: check
+       - moodle <removed>
 CVE-2025-26529 (Description information displayed in the site administration 
live log  ...)
-       TODO: check
+       - moodle <removed>
 CVE-2025-26528 (The drag-and-drop onto image (ddimageortext) question type 
required ad ...)
-       TODO: check
+       - moodle <removed>
 CVE-2025-26527 (Tags not expected to be visible to a user could still be 
discovered by ...)
-       TODO: check
+       - moodle <removed>
 CVE-2025-26526 (Separate Groups mode restrictions were not factored into 
permission  c ...)
-       TODO: check
+       - moodle <removed>
 CVE-2025-26525 (Insufficient sanitizing in the TeX notation filter resulted in 
an  arb ...)
-       TODO: check
+       - moodle <removed>
 CVE-2025-26201 (Credential disclosure vulnerability via the /staff route in 
GreaterWMS ...)
        NOT-FOR-US: GreaterWMS
 CVE-2025-26200 (SQL injection in SLIMS v.9.6.1 allows a remote attacker to 
escalate pr ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b0541631e8443657648a412b8e45a2da693d5bd9

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b0541631e8443657648a412b8e45a2da693d5bd9
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some new moodle CVEs

Reply via email to