{"id":"CVE-2018-1043","details":"In Moodle 3.x, the setting for blocked hosts list can be bypassed with multiple A record hostnames.","aliases":["GHSA-hpwm-84h5-vqr8"],"modified":"2026-03-15T14:28:39.858298Z","published":"2018-01-22T08:29:00.287Z","references":[{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/102769"},{"type":"ADVISORY","url":"https://moodle.org/mod/forum/discuss.php?d=364382"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/moodle/moodle","events":[{"introduced":"0"},{"last_affected":"b182239f21c38ea57cddb41b0c03ef3eb02709f8"},{"introduced":"0"},{"last_affected":"07f6358b03027633f1c8e8b14cc03d771f4e7462"},{"introduced":"0"},{"last_affected":"70fa678586c32a4710c62a59f71d63e02bd9e500"},{"introduced":"0"},{"last_affected":"896ce9b4e654b42c62a87d4e160be8e137e6a76f"},{"introduced":"0"},{"last_affected":"23360fd95b4c4d9d7121475af1082fff19edbda2"},{"introduced":"0"},{"last_affected":"9146c518ece7c6b6623a9eb7a35aa174a6f1545b"},{"introduced":"0"},{"last_affected":"c0523b9857ac9542341c35d1acec486923282c2f"},{"introduced":"0"},{"last_affected":"b87a580aa3eb23d5f05d7f619fc40a89e0f86fe5"},{"introduced":"0"},{"last_affected":"8e4341402a5c9326257b3036a936f98e08b5492f"},{"introduced":"0"},{"last_affected":"3d77676d51dd9bf54b4ab4f9515c1b90c90de355"},{"introduced":"0"},{"last_affected":"22bce961b7d594da8f6649fe3c932901af1200d5"},{"introduced":"0"},{"last_affected":"665c3ac59c35b7387a4fc70b8ac6600ce9ffeb87"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"3.2.0"},{"introduced":"0"},{"last_affected":"3.2.1"},{"introduced":"0"},{"last_affected":"3.2.2"},{"introduced":"0"},{"last_affected":"3.2.3"},{"introduced":"0"},{"last_affected":"3.2.4"},{"introduced":"0"},{"last_affected":"3.2.5"},{"introduced":"0"},{"last_affected":"3.2.6"},{"introduced":"0"},{"last_affected":"3.3.0"},{"introduced":"0"},{"last_affected":"3.3.1"},{"introduced":"0"},{"last_affected":"3.3.2"},{"introduced":"0"},{"last_affected":"3.3.3"},{"introduced":"0"},{"last_affected":"3.4.0"}]}}],"versions":["v1.0.0","v1.0.1","v1.0.2","v1.0.3","v1.0.4","v1.0.5","v1.0.6","v1.0.7","v1.0.8","v1.0.9","v1.1.0","v1.1.1","v1.2.0","v1.2.1","v1.3.0","v2.0.0","v2.0.0-rc1","v2.0.0-rc2","v2.0.1","v2.0.2","v2.1.0","v2.2.0","v2.2.0-beta","v2.2.0-rc1","v2.3.0","v2.3.0-beta","v2.3.0-rc1","v2.4.0","v2.4.0-beta","v2.4.0-rc1","v2.5.0","v2.5.0-beta","v2.5.0-rc1","v2.6.0","v2.6.0-beta","v2.6.0-rc1","v2.7.0","v2.7.0-beta","v2.7.0-rc1","v2.7.0-rc2","v2.8.0","v2.8.0-beta","v2.8.0-rc1","v2.8.0-rc2","v2.9.0","v2.9.0-beta","v2.9.0-rc1","v2.9.0-rc2","v3.0.0","v3.0.0-beta","v3.0.0-rc1","v3.0.0-rc2","v3.0.0-rc3","v3.0.0-rc4","v3.1.0","v3.1.0-beta","v3.1.0-rc1","v3.1.0-rc2","v3.2.0","v3.2.0-beta","v3.2.0-rc1","v3.2.0-rc2","v3.2.0-rc3","v3.2.0-rc4","v3.2.0-rc5"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-1043.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"}]}