Moodle 4.3.0

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:a:moodle:moodle:4.3.0:-:*:*:*:*:*:*

part: a version: 4.3.0 update: -

VendorMoodle (1f527b56-744d-5be6-b0f4-b691bd50b8c3)
ProductMoodle (221dc9da-2dde-53d2-a358-e0cb5ac858f7)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
pkg:docker/bitnami/moodle purl2cpe 2026-06-01 10:13:14.247749
pkg:github/moodle/moodle purl2cpe 2026-06-01 10:13:14.247750
pkg:rpm/fedora/moodle purl2cpe 2026-06-01 10:13:14.247752
pkg:rpm/opensuse/moodle purl2cpe 2026-06-01 10:13:14.247753

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2024-38275 vulnerable 2026-06-08 06:41:44.784334 moodle: HTTP authorization header is preserved between "emulated redirects"
The cURL wrapper in Moodle retained the original request headers when following redirects, so HTTP authorization header information could be unintentionally sent in requests to redirect URLs.
Published: 2024-06-18T19:49:26.986Z
Updated: 2024-08-02T04:04:25.068Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.