Vulnerabilities > Mahara > Mahara > 21.10.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-11-06 | CVE-2022-42707 | Unspecified vulnerability in Mahara In Mahara 21.04 before 21.04.7, 21.10 before 21.10.5, 22.04 before 22.04.3, and 22.10 before 22.10.0, embedded images are accessible without a sufficient permission check under certain conditions. | 7.5 |
2022-11-06 | CVE-2022-44544 | Unspecified vulnerability in Mahara Mahara 21.04 before 21.04.7, 21.10 before 21.10.5, 22.04 before 22.04.3, and 22.10 before 22.10.0 potentially allow a PDF export to trigger a remote shell if the site is running on Ubuntu and the flag -dSAFER is not set with Ghostscript. | 9.8 |
2022-06-20 | CVE-2022-33913 | Missing Authorization vulnerability in Mahara In Mahara 21.04 before 21.04.6, 21.10 before 21.10.4, and 22.04.2, files can sometimes be downloaded through thumb.php with no permission check. | 7.5 |