MSA-26-0003: Denial of service risk in TeX formula editor

Kurzinfo

Veroeffentlicht: 2026-02-17 10:32 UTC Importiert: 2026-05-14 18:44 UTC Quelle-ID: moodle uid_hash: c22d680c585dc4d512a68a37aa7bc4cb870528b983298311079e81157764dc91
Moodle Security Announcements

Inhalt

by Michael Hawkins. Rendering of TeX content with mimetex in the formula editor required execution time limitations to prevent a denial of service risk. Severity/Risk: Serious Versions affected: 5.1 to 5.1.1, 5.0 to 5.0.4, 4.5 to 4.5.8 and earlier unsupported versions Versions fixed: 5.1.2, 5.0.5 and 4.5.9 Reported by: Aleksey Solovev (Positive Technologies) CVE identifier: CVE-2026-26047 Changes (5.1.2): https://github.com/moodle/moodle/commit/8683b4a04939332e353cad1be51222930dc40b2c Tracker issue: MDL-86785 Denial of service risk in TeX formula editor

Verknuepfte CVEs

CVE-ID Severity (CVE.org) CVSS (CVE.org) EPSS EPSS-% Veroeffentlicht (CVE.org)

CVE-2026-26047

 - - - -

Quellen-Details

Bezeichnung Name Kategorie Tags Zielgruppe Sprache Feed-URL
Moodle Security Announcements

moodle

 vendor_advisory cms - de https://moodle.org/rss/file.php/154821/7ef1adaa0762dfdd7cd390868b6d9f2b/mod_forum/996/rss.xml
Zurueck zur Eintrags-Liste