MSA-26-0004: Update Symfony process module version to avoid a security risk (upstream)

Kurzinfo

Veroeffentlicht: 2026-02-17 10:33 UTC Importiert: 2026-05-14 18:44 UTC Quelle-ID: moodle uid_hash: 76d192d329b97bdae45b4a451ebd87c12b2578a8d0d13d7aa46e42fd0b4949fc
Moodle Security Announcements

Inhalt

by Michael Hawkins. The upstream Symfony process module version required updating to remove a command injection risk on Windows systems. Severity/Risk: Serious Versions affected: 4.5 to 4.5.8 Versions fixed: 4.5.9 Reported by: Dustin Frank CVE identifier: CVE-2024-51736 Changes (4.5.9): https://github.com/moodle/moodle/commit/3cf9457a36f5c5583ce5fdf6e3836d3d272289a8 Tracker issue: MDL-87594 Update Symfony process module version to avoid a security risk (upstream)

Verknuepfte CVEs

CVE-ID Severity (CVE.org) CVSS (CVE.org) EPSS EPSS-% Veroeffentlicht (CVE.org)

CVE-2024-51736

 - - - -

Quellen-Details

Bezeichnung Name Kategorie Tags Zielgruppe Sprache Feed-URL
Moodle Security Announcements

moodle

 vendor_advisory cms - de https://moodle.org/rss/file.php/154821/7ef1adaa0762dfdd7cd390868b6d9f2b/mod_forum/996/rss.xml
Zurueck zur Eintrags-Liste