The vulnerability was found in Moodle, occurs due to improper input validation when parsing PostScript code. An omitted execution parameter results in a remote code execution risk for sites running GhostScript versions older than 9.50. Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
References
Configurations
History
07 Nov 2023, 03:49
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
01 Aug 2022, 18:30
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:* cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
First Time |
Fedoraproject
Moodle Moodle moodle Fedoraproject fedora |
|
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2106273 - Issue Tracking, Third Party Advisory | |
References | (MISC) https://moodle.org/mod/forum/discuss.php?d=436456 - Vendor Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MTKUSFPSYFINSQFSOHDQIDVE6FWBEU6V/ - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6MOKYVRNFNAODP2XSMGJ5CRDUZCZKAR3/ - Mailing List, Third Party Advisory | |
References | (MISC) http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-75044 - Patch, Vendor Advisory | |
CWE | CWE-20 |
27 Jul 2022, 05:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
27 Jul 2022, 04:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
25 Jul 2022, 16:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-07-25 16:15
Updated : 2023-12-10 14:35
NVD link : CVE-2022-35649
Mitre link : CVE-2022-35649
CVE.ORG link : CVE-2022-35649
JSON object : View
Products Affected
fedoraproject
- fedora
moodle
- moodle