Vulnerability Bulletins

MSA-23-0025: phpCAS library upgraded to 1.6.0 (upstream)

System information

Affected software PHP


by Michael Hawkins. The phpCAS library included with Moodle has been upgraded to version 1.6.0, which includes a fix for a serious security issue.Severity/Risk:SeriousVersions affected:4.0 to 4.0.9, 3.11 to 3.11.15, 3.9 to 3.9.22 and earlier unsupported versionsVersions fixed:4.0.10, 3.11.16 and 3.9.23Reported by:Julien BoulenCVE identifier:CVE-2022-39369Changes (master): issue:MDL-78620 phpCAS

More info:

Standar resources

Property Value
CVE CVE-2022-39369.

Version history

Version Comments Date
1.0 Advisory issued 2023-08-22
Ministerio de Defensa