CVE-2024-34009

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2024-34009

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-34009.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-34009

Aliases

Downstream

UBUNTU-CVE-2024-34009

Published

2024-05-31T20:49:05.538Z

Modified

2026-05-09T12:46:02.660320Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVSS Calculator

Summary

moodle: ReCAPTCHA can be bypassed on the login page

Details

Insufficient checks whether ReCAPTCHA was enabled made it possible to bypass the checks on the login page. This did not affect other pages where ReCAPTCHA is utilized.

Database specific

{
    "unresolved_ranges": [
        {
            "source": "AFFECTED_FIELD",
            "extracted_events": [
                {
                    "introduced": "4.3"
                },
                {
                    "last_affected": "4.3.3"
                }
            ]
        }
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/34xxx/CVE-2024-34009.json",
    "cna_assigner": "fedora",
    "cwe_ids": [
        "CWE-20"
    ]
}

References

Affected packages

Git / github.com/moodle/moodle

Affected ranges

Type

GIT

Repo

https://github.com/moodle/moodle

Events

Introduced

fe7aff8093240cc373f1ddaa66ecb91c4bc0a09f

Fixed

143c2cd5bef1268751d58bbfc6c66c1d93cb9797

Database specific

{
    "source": "CPE_FIELD",
    "cpe": "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "4.3.0"
        },
        {
            "fixed": "4.3.4"
        }
    ]
}

Affected versions

v4.*

v4.3.0

v4.3.1

v4.3.2

v4.3.3

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-34009.json"