{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-05T08:12:38.006","vulnerabilities":[{"cve":{"id":"CVE-2024-38275","sourceIdentifier":"patrick@puiterwijk.org","published":"2024-06-18T20:15:13.970","lastModified":"2025-04-30T23:35:59.790","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"The cURL wrapper in Moodle retained the original request headers when following redirects, so HTTP authorization header information could be unintentionally sent in requests to redirect URLs."},{"lang":"es","value":"El contenedor cURL en Moodle retuvo los encabezados de solicitud originales al seguir redirecciones, por lo que la información del encabezado de autorización HTTP podría enviarse involuntariamente en solicitudes para redireccionar URL."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"patrick@puiterwijk.org","type":"Secondary","description":[{"lang":"en","value":"CWE-226"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-459"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*","versionEndExcluding":"4.1.11","matchCriteriaId":"ABC3A60E-A580-462D-9C0B-73BD92B4F5F8"},{"vulnerable":true,"criteria":"cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*","versionStartIncluding":"4.2.0","versionEndExcluding":"4.2.8","matchCriteriaId":"4EF79A9A-E117-44AF-BA6B-DC9620FDA8CE"},{"vulnerable":true,"criteria":"cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*","versionStartIncluding":"4.3.0","versionEndExcluding":"4.3.5","matchCriteriaId":"4E990456-42CD-4B17-8A62-1F2ACF3B0678"},{"vulnerable":true,"criteria":"cpe:2.3:a:moodle:moodle:4.4.0:*:*:*:*:*:*:*","matchCriteriaId":"23575814-D590-4CDA-880B-E7214A53D7F5"}]}]}],"references":[{"url":"https://moodle.org/mod/forum/discuss.php?d=459500","source":"patrick@puiterwijk.org","tags":["Vendor Advisory"]},{"url":"https://moodle.org/mod/forum/discuss.php?d=459500","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}