vulnerability
Ubuntu: (CVE-2019-3852): moodle vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:L/Au:S/C:N/I:P/A:N) | Mar 26, 2019 | Jun 26, 2025 | Jun 26, 2025 |
Severity
4
CVSS
(AV:N/AC:L/Au:S/C:N/I:P/A:N)
Published
Mar 26, 2019
Added
Jun 26, 2025
Modified
Jun 26, 2025
Description
A vulnerability was found in moodle before version 3.6.3. The get_with_capability_join and get_users_by_capability functions were not taking context freezing into account when checking user capabilities
Solution
no-fix-ubuntu-package
References
- CVE-2019-3852
- https://attackerkb.com/topics/CVE-2019-3852
- URL-http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-64410
- URL-https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3852
- URL-https://moodle.org/mod/forum/discuss.php?d=384015#p1547748
- URL-https://www.cve.org/CVERecord?id=CVE-2019-3852
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.