Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/28044?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/28044?format=api", "purl": "pkg:composer/moodle/moodle@4.0.5", "type": "composer", "namespace": "moodle", "name": "moodle", "version": "4.0.5", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "4.5.9", "latest_non_vulnerable_version": "5.1.2", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31757?format=api", "vulnerability_id": "VCID-24a4-k6sm-zfey", "summary": "A flaw was found in moodle. Some hidden user profile fields are visible in gradebook reports, which could result in users without the \"view hidden user fields\" capability having access to the information.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79541", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "2.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79541" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-43429", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.53291", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.53417", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.53418", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.53432", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-43429" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "2.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43429", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "2.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43429" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=461197", "reference_id": "discuss.php?d=461197", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "2.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-12T15:15:16Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=461197" }, { "reference_url": "https://github.com/advisories/GHSA-c767-4whh-v7rw", "reference_id": "GHSA-c767-4whh-v7rw", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-c767-4whh-v7rw" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304257", "reference_id": "show_bug.cgi?id=2304257", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "2.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-12T15:15:16Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304257" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372779?format=api", "purl": "pkg:composer/moodle/moodle@4.1.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/372778?format=api", "purl": "pkg:composer/moodle/moodle@4.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/372777?format=api", "purl": "pkg:composer/moodle/moodle@4.3.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/372776?format=api", "purl": "pkg:composer/moodle/moodle@4.4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndsq-chgj-4kcq" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-p6d8-jya8-vfe2" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.2" } ], "aliases": [ "CVE-2024-43429", "GHSA-c767-4whh-v7rw" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-24a4-k6sm-zfey" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/32118?format=api", "vulnerability_id": "VCID-352q-17as-77gz", "summary": "Separate Groups mode restrictions were not honored when performing a forum export, which would export forum data for all groups. By default this only provided additional access to non-editing teachers.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-25981", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00271", "scoring_system": "epss", "scoring_elements": "0.51002", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00271", "scoring_system": "epss", "scoring_elements": "0.51014", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00271", "scoring_system": "epss", "scoring_elements": "0.50999", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00271", "scoring_system": "epss", "scoring_elements": "0.50866", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-25981" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/1c059cb3fe39da46959e912dc671844dd204e83b", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/1c059cb3fe39da46959e912dc671844dd204e83b" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25981", "reference_id": "CVE-2024-25981", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25981" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=455637", "reference_id": "discuss.php?d=455637", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T16:54:36Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=455637" }, { "reference_url": "https://github.com/advisories/GHSA-jfrg-9hpq-9hvp", "reference_id": "GHSA-jfrg-9hpq-9hvp", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-jfrg-9hpq-9hvp" }, { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-80504", "reference_id": "gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-80504", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T16:54:36Z/" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-80504" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB/", "reference_id": "KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T16:54:36Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264097", "reference_id": "show_bug.cgi?id=2264097", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T16:54:36Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264097" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/29108?format=api", "purl": "pkg:composer/moodle/moodle@4.1.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/29107?format=api", "purl": "pkg:composer/moodle/moodle@4.2.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/29106?format=api", "purl": "pkg:composer/moodle/moodle@4.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-2ua4-y1mx-t7f4" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-396x-a5g1-p3a1" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8evy-5d1w-3fbm" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-tvbe-wwjn-jkby" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.3" } ], "aliases": [ "CVE-2024-25981", "GHSA-jfrg-9hpq-9hvp" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-352q-17as-77gz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/133529?format=api", "vulnerability_id": "VCID-35xa-1mjs-a3au", "summary": "ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5546", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02379", "scoring_system": "epss", "scoring_elements": "0.85381", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.02379", "scoring_system": "epss", "scoring_elements": "0.85327", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.02379", "scoring_system": "epss", "scoring_elements": "0.85379", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.02379", "scoring_system": "epss", "scoring_elements": "0.85388", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5546" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/aa8ab48521fe4a57c3ec923e6e82a5ac1202e9de", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/aa8ab48521fe4a57c3ec923e6e82a5ac1202e9de" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5546", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5546" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=451587", "reference_id": "discuss.php?d=451587", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T19:14:29Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=451587" }, { "reference_url": "https://github.com/advisories/GHSA-9724-h8p7-r3jv", "reference_id": "GHSA-9724-h8p7-r3jv", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9724-h8p7-r3jv" }, { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-78971", "reference_id": "gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-78971", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T19:14:29Z/" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-78971" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243445", "reference_id": "show_bug.cgi?id=2243445", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T19:14:29Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243445" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/381218?format=api", "purl": "pkg:composer/moodle/moodle@4.0.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.0.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/381217?format=api", "purl": "pkg:composer/moodle/moodle@4.1.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/381216?format=api", "purl": "pkg:composer/moodle/moodle@4.2.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/381033?format=api", "purl": "pkg:composer/moodle/moodle@4.3.0-rc2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.0-rc2" } ], "aliases": [ "CVE-2023-5546", "GHSA-9724-h8p7-r3jv" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-35xa-1mjs-a3au" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40679?format=api", "vulnerability_id": "VCID-364m-hhsz-dfcs", "summary": "A flaw was found in Moodle. When restricting access to a lesson activity with a password, certain passwords could be bypassed or less secure due to a loose comparison in the password-checking logic. This issue only affected passwords set to \"magic hash\" values.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45691", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00387", "scoring_system": "epss", "scoring_elements": "0.60264", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00387", "scoring_system": "epss", "scoring_elements": "0.60375", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00387", "scoring_system": "epss", "scoring_elements": "0.60382", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00387", "scoring_system": "epss", "scoring_elements": "0.60371", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45691" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/3fc1073d304f660d2552b591c5fb92547ed01e92", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/3fc1073d304f660d2552b591c5fb92547ed01e92" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=461897#p1854494", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=461897#p1854494" }, { "reference_url": "https://moodle.org/security", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/security" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45691", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45691" }, { "reference_url": "https://github.com/advisories/GHSA-xfv7-h2qg-rjm7", "reference_id": "GHSA-xfv7-h2qg-rjm7", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-xfv7-h2qg-rjm7" }, { "reference_url": "https://moodle.org/security/", "reference_id": "security", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T19:17:16Z/" } ], "url": "https://moodle.org/security/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309940", "reference_id": "show_bug.cgi?id=2309940", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T19:17:16Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309940" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372835?format=api", "purl": "pkg:composer/moodle/moodle@4.1.13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.13" }, { "url": "http://public2.vulnerablecode.io/api/packages/372836?format=api", "purl": "pkg:composer/moodle/moodle@4.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/372837?format=api", "purl": "pkg:composer/moodle/moodle@4.3.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/372780?format=api", "purl": "pkg:composer/moodle/moodle@4.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-p6d8-jya8-vfe2" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.3" } ], "aliases": [ "CVE-2024-45691", "GHSA-xfv7-h2qg-rjm7" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-364m-hhsz-dfcs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/109180?format=api", "vulnerability_id": "VCID-3dr4-hds3-ckbr", "summary": "A flaw was found in Moodle. An attacker with access to the restore interface could trigger server-side execution of arbitrary code. This is due to insufficient validation of restore input, which leads to unintended interpretation by core restore routines. Successful exploitation could result in a full compromise of the Moodle application.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-67847", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.09012", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.09051", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.09063", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.09061", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-67847" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=471297#p1892199", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=471297#p1892199" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-67847", "reference_id": "CVE-2025-67847", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-24T04:55:19Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-67847" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-67847", "reference_id": "CVE-2025-67847", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-67847" }, { "reference_url": "https://github.com/advisories/GHSA-xvmh-25jw-gmmm", "reference_id": "GHSA-xvmh-25jw-gmmm", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-xvmh-25jw-gmmm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/38121?format=api", "purl": "pkg:composer/moodle/moodle@4.1.22", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.22" }, { "url": "http://public2.vulnerablecode.io/api/packages/38126?format=api", "purl": "pkg:composer/moodle/moodle@4.4.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/38122?format=api", "purl": "pkg:composer/moodle/moodle@4.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/38128?format=api", "purl": "pkg:composer/moodle/moodle@5.0.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@5.0.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/38124?format=api", "purl": "pkg:composer/moodle/moodle@5.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@5.1.1" } ], "aliases": [ "CVE-2025-67847", "GHSA-xvmh-25jw-gmmm" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3dr4-hds3-ckbr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37254?format=api", "vulnerability_id": "VCID-3ee8-byud-7kab", "summary": "A unique key should be generated for a user's QR login key and their auto-login key, so the same key cannot be used interchangeably between the two.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-38277", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00186", "scoring_system": "epss", "scoring_elements": "0.40429", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00186", "scoring_system": "epss", "scoring_elements": "0.4044", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00186", "scoring_system": "epss", "scoring_elements": "0.40418", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00186", "scoring_system": "epss", "scoring_elements": "0.4025", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-38277" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/0caedaab7cd5a46331d56654ce9301b0a5a04c56", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/0caedaab7cd5a46331d56654ce9301b0a5a04c56" }, { "reference_url": "https://github.com/moodle/moodle/commit/1aea4a15281d81f2414a95aa485b8a6551708f57", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/1aea4a15281d81f2414a95aa485b8a6551708f57" }, { "reference_url": "https://github.com/moodle/moodle/commit/ad46a97f5355f0451d52e9f1a0f528d9a6f12e06", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/ad46a97f5355f0451d52e9f1a0f528d9a6f12e06" }, { "reference_url": "https://github.com/moodle/moodle/commit/d05795db8eece2943241a29a5443fb4685ba6070", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/d05795db8eece2943241a29a5443fb4685ba6070" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7AZYR7EXV6E5SQE2GYTNQE3NOENJCQ6", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7AZYR7EXV6E5SQE2GYTNQE3NOENJCQ6" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GHTIX55J4Q4LEOMLNEA4OZSWVEENQX7E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GHTIX55J4Q4LEOMLNEA4OZSWVEENQX7E" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38277", "reference_id": "CVE-2024-38277", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38277" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=459502", "reference_id": "discuss.php?d=459502", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-21T15:55:16Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=459502" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7AZYR7EXV6E5SQE2GYTNQE3NOENJCQ6/", "reference_id": "F7AZYR7EXV6E5SQE2GYTNQE3NOENJCQ6", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-21T15:55:16Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7AZYR7EXV6E5SQE2GYTNQE3NOENJCQ6/" }, { "reference_url": "https://github.com/advisories/GHSA-r82w-3phg-qvr4", "reference_id": "GHSA-r82w-3phg-qvr4", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-r82w-3phg-qvr4" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GHTIX55J4Q4LEOMLNEA4OZSWVEENQX7E/", "reference_id": "GHTIX55J4Q4LEOMLNEA4OZSWVEENQX7E", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-21T15:55:16Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GHTIX55J4Q4LEOMLNEA4OZSWVEENQX7E/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/32235?format=api", "purl": "pkg:composer/moodle/moodle@4.1.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/32234?format=api", "purl": "pkg:composer/moodle/moodle@4.2.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/32230?format=api", "purl": "pkg:composer/moodle/moodle@4.3.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-2ua4-y1mx-t7f4" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/32232?format=api", "purl": "pkg:composer/moodle/moodle@4.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-2ua4-y1mx-t7f4" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-ndsq-chgj-4kcq" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-p6d8-jya8-vfe2" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-q51n-px1r-tkh4" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.1" } ], "aliases": [ "CVE-2024-38277", "GHSA-r82w-3phg-qvr4" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3ee8-byud-7kab" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/108958?format=api", "vulnerability_id": "VCID-3s11-9e4p-pygy", "summary": "A flaw was found in moodle. During anonymous assignment submissions, user identifiers were inadvertently exposed in URLs. This data exposure allows unauthorized viewers to see internal user IDs, compromising the intended anonymity and potentially leading to information disclosure.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-67857", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.06036", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.06029", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.06051", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.06043", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-67857" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/ac30e7e19357f696979b7ffd760a7131b6ad88f6", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/ac30e7e19357f696979b7ffd760a7131b6ad88f6" }, { "reference_url": "https://github.com/moodle/moodle/commit/c6cb8d971257c04a12a2c5d8510a89cb906f46f0", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/c6cb8d971257c04a12a2c5d8510a89cb906f46f0" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-67857", "reference_id": "CVE-2025-67857", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T15:40:38Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-67857" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-67857", "reference_id": "CVE-2025-67857", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-67857" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=471307", "reference_id": "discuss.php?d=471307", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T15:40:38Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=471307" }, { "reference_url": "https://github.com/advisories/GHSA-8jrv-wx83-w3xj", "reference_id": "GHSA-8jrv-wx83-w3xj", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8jrv-wx83-w3xj" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423868", "reference_id": "show_bug.cgi?id=2423868", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T15:40:38Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423868" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/38121?format=api", "purl": "pkg:composer/moodle/moodle@4.1.22", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.22" }, { "url": "http://public2.vulnerablecode.io/api/packages/38126?format=api", "purl": "pkg:composer/moodle/moodle@4.4.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/38122?format=api", "purl": "pkg:composer/moodle/moodle@4.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/38128?format=api", "purl": "pkg:composer/moodle/moodle@5.0.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@5.0.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/38124?format=api", "purl": "pkg:composer/moodle/moodle@5.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@5.1.1" } ], "aliases": [ "CVE-2025-67857", "GHSA-8jrv-wx83-w3xj" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3s11-9e4p-pygy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37290?format=api", "vulnerability_id": "VCID-3v15-csmz-sfe9", "summary": "Insufficient escaping of calendar event titles resulted in a stored XSS risk in the event deletion prompt.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-38274", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00994", "scoring_system": "epss", "scoring_elements": "0.77446", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00994", "scoring_system": "epss", "scoring_elements": "0.77437", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00994", "scoring_system": "epss", "scoring_elements": "0.77361", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00994", "scoring_system": "epss", "scoring_elements": "0.77431", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-38274" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7AZYR7EXV6E5SQE2GYTNQE3NOENJCQ6", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7AZYR7EXV6E5SQE2GYTNQE3NOENJCQ6" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GHTIX55J4Q4LEOMLNEA4OZSWVEENQX7E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GHTIX55J4Q4LEOMLNEA4OZSWVEENQX7E" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38274", "reference_id": "CVE-2024-38274", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38274" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=459499", "reference_id": "discuss.php?d=459499", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-15T18:37:02Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=459499" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7AZYR7EXV6E5SQE2GYTNQE3NOENJCQ6/", "reference_id": "F7AZYR7EXV6E5SQE2GYTNQE3NOENJCQ6", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-15T18:37:02Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7AZYR7EXV6E5SQE2GYTNQE3NOENJCQ6/" }, { "reference_url": "https://github.com/advisories/GHSA-p5cg-6rfr-6mx8", "reference_id": "GHSA-p5cg-6rfr-6mx8", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-p5cg-6rfr-6mx8" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GHTIX55J4Q4LEOMLNEA4OZSWVEENQX7E/", "reference_id": "GHTIX55J4Q4LEOMLNEA4OZSWVEENQX7E", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-15T18:37:02Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GHTIX55J4Q4LEOMLNEA4OZSWVEENQX7E/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/32235?format=api", "purl": "pkg:composer/moodle/moodle@4.1.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/32234?format=api", "purl": "pkg:composer/moodle/moodle@4.2.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/32230?format=api", "purl": "pkg:composer/moodle/moodle@4.3.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-2ua4-y1mx-t7f4" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/32232?format=api", "purl": "pkg:composer/moodle/moodle@4.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-2ua4-y1mx-t7f4" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-ndsq-chgj-4kcq" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-p6d8-jya8-vfe2" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-q51n-px1r-tkh4" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.1" } ], "aliases": [ "CVE-2024-38274", "GHSA-p5cg-6rfr-6mx8" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3v15-csmz-sfe9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/101499?format=api", "vulnerability_id": "VCID-43r9-m1xz-5qge", "summary": "Description information displayed in the site administration live log \nrequired additional sanitizing to prevent a stored XSS risk.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-26529", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00961", "scoring_system": "epss", "scoring_elements": "0.76993", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00961", "scoring_system": "epss", "scoring_elements": "0.77", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00961", "scoring_system": "epss", "scoring_elements": "0.7692", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00961", "scoring_system": "epss", "scoring_elements": "0.77007", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-26529" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-26529", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-26529" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=466145", "reference_id": "discuss.php?d=466145", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-24T20:05:38Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=466145" }, { "reference_url": "https://github.com/advisories/GHSA-wr88-x8cm-7cgq", "reference_id": "GHSA-wr88-x8cm-7cgq", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-wr88-x8cm-7cgq" }, { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-84145", "reference_id": "gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-84145", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-24T20:05:38Z/" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-84145" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377263?format=api", "purl": "pkg:composer/moodle/moodle@4.1.16", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.16" }, { "url": "http://public2.vulnerablecode.io/api/packages/377262?format=api", "purl": "pkg:composer/moodle/moodle@4.3.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/377261?format=api", "purl": "pkg:composer/moodle/moodle@4.4.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/377260?format=api", "purl": "pkg:composer/moodle/moodle@4.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-46sh-98bs-ybex" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-b959-r7ty-3fdj" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-dye9-hpdz-myc7" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-f275-awa8-53gp" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.2" } ], "aliases": [ "CVE-2025-26529", "GHSA-wr88-x8cm-7cgq" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-43r9-m1xz-5qge" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/129649?format=api", "vulnerability_id": "VCID-54uj-r3xh-m7ae", "summary": "The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in external Wiki method for listing pages. A remote attacker can send a specially crafted request to the affected application and execute limited SQL commands within the application database.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-30944", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01078", "scoring_system": "epss", "scoring_elements": "0.78317", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.01078", "scoring_system": "epss", "scoring_elements": "0.7824", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01078", "scoring_system": "epss", "scoring_elements": "0.78322", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.01078", "scoring_system": "epss", "scoring_elements": "0.78308", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-30944" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/5521d1d6e8bb8bebb76ad8154095f6b18ea26e7f", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/5521d1d6e8bb8bebb76ad8154095f6b18ea26e7f" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/54TM5H5PDUDYXOQ7X7PPYWP4AJDAE73I", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/54TM5H5PDUDYXOQ7X7PPYWP4AJDAE73I" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZBWRVUJF7HI53XCJPJ3YJZPOV5HBRUY", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZBWRVUJF7HI53XCJPJ3YJZPOV5HBRUY" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PBFSXRYLT4ICKJVQSRBAOUDMDRVSVBLS", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PBFSXRYLT4ICKJVQSRBAOUDMDRVSVBLS" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/54TM5H5PDUDYXOQ7X7PPYWP4AJDAE73I", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/54TM5H5PDUDYXOQ7X7PPYWP4AJDAE73I" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZBWRVUJF7HI53XCJPJ3YJZPOV5HBRUY", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZBWRVUJF7HI53XCJPJ3YJZPOV5HBRUY" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBFSXRYLT4ICKJVQSRBAOUDMDRVSVBLS", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBFSXRYLT4ICKJVQSRBAOUDMDRVSVBLS" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-30944", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-30944" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/54TM5H5PDUDYXOQ7X7PPYWP4AJDAE73I/", "reference_id": "54TM5H5PDUDYXOQ7X7PPYWP4AJDAE73I", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T19:37:42Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/54TM5H5PDUDYXOQ7X7PPYWP4AJDAE73I/" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=446286", "reference_id": "discuss.php?d=446286", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T19:37:42Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=446286" }, { "reference_url": "https://github.com/advisories/GHSA-7mmc-22g7-3xq2", "reference_id": "GHSA-7mmc-22g7-3xq2", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7mmc-22g7-3xq2" }, { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-77187", "reference_id": "gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-77187", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T19:37:42Z/" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-77187" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZBWRVUJF7HI53XCJPJ3YJZPOV5HBRUY/", "reference_id": "MZBWRVUJF7HI53XCJPJ3YJZPOV5HBRUY", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T19:37:42Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZBWRVUJF7HI53XCJPJ3YJZPOV5HBRUY/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PBFSXRYLT4ICKJVQSRBAOUDMDRVSVBLS/", "reference_id": "PBFSXRYLT4ICKJVQSRBAOUDMDRVSVBLS", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T19:37:42Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PBFSXRYLT4ICKJVQSRBAOUDMDRVSVBLS/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188606", "reference_id": "show_bug.cgi?id=2188606", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T19:37:42Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188606" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/393466?format=api", "purl": "pkg:composer/moodle/moodle@4.0.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-35xa-1mjs-a3au" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-59gr-d6p5-u7fv" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67af-4zk5-sfb2" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-6h6h-ny96-x7hu" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-9u8e-pp4p-nqht" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-f5ys-s8gt-5fcv" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-g8bf-eeaa-hygf" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-gtz8-utju-qfah" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kegp-rnfw-83b4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s8bc-98ph-nbh5" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-t8ha-9bhp-fbbq" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-u1ke-y4et-6ye8" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-uuqh-tq51-tbex" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wf3q-rpbt-pfg7" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xm3s-de89-d3dr" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.0.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/393463?format=api", "purl": "pkg:composer/moodle/moodle@4.1.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-35xa-1mjs-a3au" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-59gr-d6p5-u7fv" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67af-4zk5-sfb2" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-6h6h-ny96-x7hu" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-9u8e-pp4p-nqht" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-f5ys-s8gt-5fcv" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-g8bf-eeaa-hygf" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-gtz8-utju-qfah" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kegp-rnfw-83b4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s8bc-98ph-nbh5" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-t8ha-9bhp-fbbq" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-u1ke-y4et-6ye8" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-uuqh-tq51-tbex" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wf3q-rpbt-pfg7" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xm3s-de89-d3dr" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/381987?format=api", "purl": "pkg:composer/moodle/moodle@4.2.0-rc2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.0-rc2" } ], "aliases": [ "CVE-2023-30944", "GHSA-7mmc-22g7-3xq2" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-54uj-r3xh-m7ae" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31544?format=api", "vulnerability_id": "VCID-575h-xhz7-augs", "summary": "A flaw was found in moodle. Insufficient sanitizing of data when performing a restore could result in a cross-site scripting (XSS) risk from malicious backup files.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-81394", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "1.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-81394" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-43437", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01529", "scoring_system": "epss", "scoring_elements": "0.8171", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01529", "scoring_system": "epss", "scoring_elements": "0.81771", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01529", "scoring_system": "epss", "scoring_elements": "0.81772", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.01529", "scoring_system": "epss", "scoring_elements": "0.8178", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-43437" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "1.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43437", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "1.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43437" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=461207", "reference_id": "discuss.php?d=461207", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "1.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-11T14:28:15Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=461207" }, { "reference_url": "https://github.com/advisories/GHSA-4hjf-6pxr-549h", "reference_id": "GHSA-4hjf-6pxr-549h", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4hjf-6pxr-549h" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304266", "reference_id": "show_bug.cgi?id=2304266", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "1.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-11T14:28:15Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304266" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372779?format=api", "purl": "pkg:composer/moodle/moodle@4.1.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/372778?format=api", "purl": "pkg:composer/moodle/moodle@4.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/372777?format=api", "purl": "pkg:composer/moodle/moodle@4.3.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/372776?format=api", "purl": "pkg:composer/moodle/moodle@4.4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndsq-chgj-4kcq" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-p6d8-jya8-vfe2" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.2" } ], "aliases": [ "CVE-2024-43437", "GHSA-4hjf-6pxr-549h" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-575h-xhz7-augs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/108981?format=api", "vulnerability_id": "VCID-57uf-tz1x-akdt", "summary": "A flaw was found in moodle. This formula injection vulnerability occurs when data fields are exported without proper escaping. A remote attacker could exploit this by providing malicious data that, when exported and opened in a spreadsheet, allows arbitrary formulas to execute. This can lead to compromised data integrity and unintended operations within the spreadsheet.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-67851", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19904", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19737", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19912", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19927", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-67851" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/29820c5ff4ef381c7a743091ec5c68ac82903b22", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/29820c5ff4ef381c7a743091ec5c68ac82903b22" }, { "reference_url": "https://github.com/moodle/moodle/commit/aa66bacd0783cbc33528fba9c2adca1f685a59bd", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/aa66bacd0783cbc33528fba9c2adca1f685a59bd" }, { "reference_url": "https://github.com/moodle/moodle/commit/dc57ccc491a2a04032445a3ee92fd0d335ebd746", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/dc57ccc491a2a04032445a3ee92fd0d335ebd746" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-67851", "reference_id": "CVE-2025-67851", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T17:02:36Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-67851" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-67851", "reference_id": "CVE-2025-67851", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-67851" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=471301", "reference_id": "discuss.php?d=471301", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T17:02:36Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=471301" }, { "reference_url": "https://github.com/advisories/GHSA-qfh6-h7j6-fvjv", "reference_id": "GHSA-qfh6-h7j6-fvjv", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-qfh6-h7j6-fvjv" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423841", "reference_id": "show_bug.cgi?id=2423841", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T17:02:36Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423841" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/38121?format=api", "purl": "pkg:composer/moodle/moodle@4.1.22", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.22" }, { "url": "http://public2.vulnerablecode.io/api/packages/38126?format=api", "purl": "pkg:composer/moodle/moodle@4.4.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/38122?format=api", "purl": "pkg:composer/moodle/moodle@4.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/38128?format=api", "purl": "pkg:composer/moodle/moodle@5.0.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@5.0.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/38124?format=api", "purl": "pkg:composer/moodle/moodle@5.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@5.1.1" } ], "aliases": [ "CVE-2025-67851", "GHSA-qfh6-h7j6-fvjv" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-57uf-tz1x-akdt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/133291?format=api", "vulnerability_id": "VCID-59gr-d6p5-u7fv", "summary": "The course upload preview contained an XSS risk for users uploading unsafe data.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5547", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33964", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33784", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33963", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33986", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5547" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/833e818f022cce8373922afaa0cc6c8726b6b079", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/833e818f022cce8373922afaa0cc6c8726b6b079" }, { "reference_url": "https://github.com/moodle/moodle/commit/ef67f43c67e00c271658e42fc2e9cbe5fc94a87e", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/ef67f43c67e00c271658e42fc2e9cbe5fc94a87e" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5547", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5547" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=451588", "reference_id": "discuss.php?d=451588", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-04T13:25:11Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=451588" }, { "reference_url": "https://github.com/advisories/GHSA-9gqp-3g28-w9xc", "reference_id": "GHSA-9gqp-3g28-w9xc", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9gqp-3g28-w9xc" }, { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79455", "reference_id": "gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79455", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-04T13:25:11Z/" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79455" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243447", "reference_id": "show_bug.cgi?id=2243447", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-04T13:25:11Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243447" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/381218?format=api", "purl": "pkg:composer/moodle/moodle@4.0.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.0.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/381217?format=api", "purl": "pkg:composer/moodle/moodle@4.1.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/381216?format=api", "purl": "pkg:composer/moodle/moodle@4.2.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/381033?format=api", "purl": "pkg:composer/moodle/moodle@4.3.0-rc2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.0-rc2" } ], "aliases": [ "CVE-2023-5547", "GHSA-9gqp-3g28-w9xc" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-59gr-d6p5-u7fv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/134362?format=api", "vulnerability_id": "VCID-5ben-6zhd-ruhj", "summary": "Content output by the database auto-linking filter required additional sanitizing to prevent an XSS risk.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28331", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00894", "scoring_system": "epss", "scoring_elements": "0.7604", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00894", "scoring_system": "epss", "scoring_elements": "0.76119", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00894", "scoring_system": "epss", "scoring_elements": "0.76125", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00894", "scoring_system": "epss", "scoring_elements": "0.76112", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28331" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/1899e0397350c4c2bb3e73773981f66f16f8f2fc", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/1899e0397350c4c2bb3e73773981f66f16f8f2fc" }, { "reference_url": "https://git.moodle.org/gw?p=moodle.git;a=commitdiff;h=1899e0397350c4c2bb3e73773981f66f16f8f2fc", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.moodle.org/gw?p=moodle.git;a=commitdiff;h=1899e0397350c4c2bb3e73773981f66f16f8f2fc" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28331", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28331" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF/", "reference_id": "3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-25T20:19:46Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF/" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=445063", "reference_id": "discuss.php?d=445063", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-25T20:19:46Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=445063" }, { "reference_url": "https://github.com/advisories/GHSA-77jm-f3vj-xvx2", "reference_id": "GHSA-77jm-f3vj-xvx2", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-77jm-f3vj-xvx2" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179418", "reference_id": "show_bug.cgi?id=2179418", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-25T20:19:46Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179418" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/380827?format=api", "purl": "pkg:composer/moodle/moodle@4.0.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-35xa-1mjs-a3au" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-54uj-r3xh-m7ae" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-59gr-d6p5-u7fv" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67af-4zk5-sfb2" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-6h6h-ny96-x7hu" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-9u8e-pp4p-nqht" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-f5ys-s8gt-5fcv" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-g8bf-eeaa-hygf" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-gtz8-utju-qfah" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kegp-rnfw-83b4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s8bc-98ph-nbh5" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-t8ha-9bhp-fbbq" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-u1ke-y4et-6ye8" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-uuqh-tq51-tbex" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wf3q-rpbt-pfg7" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xm3s-de89-d3dr" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.0.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/380826?format=api", "purl": "pkg:composer/moodle/moodle@4.1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-35xa-1mjs-a3au" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-54uj-r3xh-m7ae" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-59gr-d6p5-u7fv" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67af-4zk5-sfb2" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-6h6h-ny96-x7hu" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-9u8e-pp4p-nqht" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-f5ys-s8gt-5fcv" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-g8bf-eeaa-hygf" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-gtz8-utju-qfah" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kegp-rnfw-83b4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s8bc-98ph-nbh5" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-t8ha-9bhp-fbbq" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-u1ke-y4et-6ye8" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-uuqh-tq51-tbex" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wf3q-rpbt-pfg7" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xm3s-de89-d3dr" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-y8cf-vxgf-cudn" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.2" } ], "aliases": [ "CVE-2023-28331", "GHSA-77jm-f3vj-xvx2" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5ben-6zhd-ruhj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/130719?format=api", "vulnerability_id": "VCID-5cgw-81c9-aqew", "summary": "The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in blog search. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website. This flaw allows a remote attacker to perform cross-site scripting (XSS) attacks.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-23922", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00287", "scoring_system": "epss", "scoring_elements": "0.5262", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00287", "scoring_system": "epss", "scoring_elements": "0.52498", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00287", "scoring_system": "epss", "scoring_elements": "0.52626", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00287", "scoring_system": "epss", "scoring_elements": "0.52637", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-23922" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23922", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23922" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=443273#p1782022", "reference_id": "discuss.php?d=443273#p1782022", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-18T19:34:09Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=443273#p1782022" }, { "reference_url": "https://github.com/advisories/GHSA-grmj-gpwm-98ww", "reference_id": "GHSA-grmj-gpwm-98ww", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-grmj-gpwm-98ww" }, { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-76861", "reference_id": "gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-76861", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-18T19:34:09Z/" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-76861" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2162547", "reference_id": "show_bug.cgi?id=2162547", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-18T19:34:09Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2162547" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/380387?format=api", "purl": "pkg:composer/moodle/moodle@4.0.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-35xa-1mjs-a3au" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-54uj-r3xh-m7ae" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-59gr-d6p5-u7fv" }, { "vulnerability": "VCID-5ben-6zhd-ruhj" }, { "vulnerability": "VCID-5fq8-66xt-2qfq" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67af-4zk5-sfb2" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-6h6h-ny96-x7hu" }, { "vulnerability": "VCID-6kc6-1dyn-gqft" }, { "vulnerability": "VCID-6nag-3wnp-tua2" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-9u8e-pp4p-nqht" }, { "vulnerability": "VCID-actu-ux4t-uyb1" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-f5ys-s8gt-5fcv" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-g8bf-eeaa-hygf" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-gtz8-utju-qfah" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kegp-rnfw-83b4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s8bc-98ph-nbh5" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-t8ha-9bhp-fbbq" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-u1ke-y4et-6ye8" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-uny7-p1qf-abgp" }, { "vulnerability": "VCID-uuqh-tq51-tbex" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wf3q-rpbt-pfg7" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wuku-wat6-d3bc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xm3s-de89-d3dr" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" }, { "vulnerability": "VCID-zvva-ksud-3fe5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.0.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/380388?format=api", "purl": "pkg:composer/moodle/moodle@4.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-35xa-1mjs-a3au" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-54uj-r3xh-m7ae" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-59gr-d6p5-u7fv" }, { "vulnerability": "VCID-5ben-6zhd-ruhj" }, { "vulnerability": "VCID-5fq8-66xt-2qfq" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67af-4zk5-sfb2" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-6h6h-ny96-x7hu" }, { "vulnerability": "VCID-6kc6-1dyn-gqft" }, { "vulnerability": "VCID-6nag-3wnp-tua2" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-9u8e-pp4p-nqht" }, { "vulnerability": "VCID-actu-ux4t-uyb1" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-dqmx-7x1r-qbf6" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-f5ys-s8gt-5fcv" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-g8bf-eeaa-hygf" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-gtz8-utju-qfah" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kegp-rnfw-83b4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s8bc-98ph-nbh5" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-t8ha-9bhp-fbbq" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-u1ke-y4et-6ye8" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-uny7-p1qf-abgp" }, { "vulnerability": "VCID-uuqh-tq51-tbex" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wf3q-rpbt-pfg7" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wuku-wat6-d3bc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xm3s-de89-d3dr" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-y8cf-vxgf-cudn" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" }, { "vulnerability": "VCID-zvva-ksud-3fe5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.1" } ], "aliases": [ "CVE-2023-23922", "GHSA-grmj-gpwm-98ww" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5cgw-81c9-aqew" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/134656?format=api", "vulnerability_id": "VCID-5fq8-66xt-2qfq", "summary": "Insufficient filtering of grade report history made it possible for teachers to access the names of users they could not otherwise access.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28336", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66878", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66879", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66772", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66864", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28336" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/a931a7f8cec3657827268837b27962a13817ca2b", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/a931a7f8cec3657827268837b27962a13817ca2b" }, { "reference_url": "https://git.moodle.org/gw?p=moodle.git;a=commit;h=a931a7f8cec3657827268837b27962a13817ca2b", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.moodle.org/gw?p=moodle.git;a=commit;h=a931a7f8cec3657827268837b27962a13817ca2b" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28336", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28336" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF/", "reference_id": "3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T13:34:12Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF/" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=445068", "reference_id": "discuss.php?d=445068", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T13:34:12Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=445068" }, { "reference_url": "https://github.com/advisories/GHSA-prjm-2fj2-787f", "reference_id": "GHSA-prjm-2fj2-787f", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-prjm-2fj2-787f" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179426", "reference_id": "show_bug.cgi?id=2179426", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T13:34:12Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179426" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/380827?format=api", "purl": "pkg:composer/moodle/moodle@4.0.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-35xa-1mjs-a3au" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-54uj-r3xh-m7ae" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-59gr-d6p5-u7fv" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67af-4zk5-sfb2" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-6h6h-ny96-x7hu" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-9u8e-pp4p-nqht" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-f5ys-s8gt-5fcv" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-g8bf-eeaa-hygf" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-gtz8-utju-qfah" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kegp-rnfw-83b4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s8bc-98ph-nbh5" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-t8ha-9bhp-fbbq" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-u1ke-y4et-6ye8" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-uuqh-tq51-tbex" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wf3q-rpbt-pfg7" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xm3s-de89-d3dr" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.0.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/380826?format=api", "purl": "pkg:composer/moodle/moodle@4.1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-35xa-1mjs-a3au" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-54uj-r3xh-m7ae" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-59gr-d6p5-u7fv" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67af-4zk5-sfb2" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-6h6h-ny96-x7hu" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-9u8e-pp4p-nqht" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-f5ys-s8gt-5fcv" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-g8bf-eeaa-hygf" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-gtz8-utju-qfah" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kegp-rnfw-83b4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s8bc-98ph-nbh5" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-t8ha-9bhp-fbbq" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-u1ke-y4et-6ye8" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-uuqh-tq51-tbex" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wf3q-rpbt-pfg7" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xm3s-de89-d3dr" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-y8cf-vxgf-cudn" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.2" } ], "aliases": [ "CVE-2023-28336", "GHSA-prjm-2fj2-787f" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5fq8-66xt-2qfq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/53684?format=api", "vulnerability_id": "VCID-5uk3-pd1j-ykgr", "summary": "Additional sanitizing was required when opening the equation editor to prevent a stored XSS risk when editing another user's equation.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-81352", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-81352" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-33997", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00997", "scoring_system": "epss", "scoring_elements": "0.77457", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00997", "scoring_system": "epss", "scoring_elements": "0.77387", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00997", "scoring_system": "epss", "scoring_elements": "0.77463", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00997", "scoring_system": "epss", "scoring_elements": "0.77472", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-33997" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/25b1b643c873f6d83ae61903012896b2811fa3bb", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/25b1b643c873f6d83ae61903012896b2811fa3bb" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-33997", "reference_id": "CVE-2024-33997", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-33997" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=458385", "reference_id": "discuss.php?d=458385", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-03T16:36:59Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=458385" }, { "reference_url": "https://github.com/advisories/GHSA-9qgq-93c7-9hm4", "reference_id": "GHSA-9qgq-93c7-9hm4", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9qgq-93c7-9hm4" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/31869?format=api", "purl": "pkg:composer/moodle/moodle@4.1.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/31870?format=api", "purl": "pkg:composer/moodle/moodle@4.2.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/31868?format=api", "purl": "pkg:composer/moodle/moodle@4.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-2ua4-y1mx-t7f4" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.4" } ], "aliases": [ "CVE-2024-33997", "GHSA-9qgq-93c7-9hm4" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5uk3-pd1j-ykgr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37649?format=api", "vulnerability_id": "VCID-5zy2-a2hw-tuba", "summary": "Insufficient capability checks meant it was possible for users to gain access to BigBlueButton join URLs they did not have permission to access.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-38273", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00199", "scoring_system": "epss", "scoring_elements": "0.42167", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00199", "scoring_system": "epss", "scoring_elements": "0.42178", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00199", "scoring_system": "epss", "scoring_elements": "0.42156", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00199", "scoring_system": "epss", "scoring_elements": "0.41992", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-38273" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/500cec575731fd8575569dcb5811535751dddae1", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/500cec575731fd8575569dcb5811535751dddae1" }, { "reference_url": "https://github.com/moodle/moodle/commit/647b9dc06409211018c9f28581504d096ce9e3a8", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/647b9dc06409211018c9f28581504d096ce9e3a8" }, { "reference_url": "https://github.com/moodle/moodle/commit/6c0645ca29b195b5caaffc27d80f2ff715c33a48", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/6c0645ca29b195b5caaffc27d80f2ff715c33a48" }, { "reference_url": "https://github.com/moodle/moodle/commit/a10506b8d70609478fef156d489e0c7d727b6098", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/a10506b8d70609478fef156d489e0c7d727b6098" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7AZYR7EXV6E5SQE2GYTNQE3NOENJCQ6", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7AZYR7EXV6E5SQE2GYTNQE3NOENJCQ6" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GHTIX55J4Q4LEOMLNEA4OZSWVEENQX7E", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GHTIX55J4Q4LEOMLNEA4OZSWVEENQX7E" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38273", "reference_id": "CVE-2024-38273", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38273" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=459498", "reference_id": "discuss.php?d=459498", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-20T18:54:37Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=459498" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7AZYR7EXV6E5SQE2GYTNQE3NOENJCQ6/", "reference_id": "F7AZYR7EXV6E5SQE2GYTNQE3NOENJCQ6", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-20T18:54:37Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7AZYR7EXV6E5SQE2GYTNQE3NOENJCQ6/" }, { "reference_url": "https://github.com/advisories/GHSA-x29x-qwvx-fxr2", "reference_id": "GHSA-x29x-qwvx-fxr2", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-x29x-qwvx-fxr2" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GHTIX55J4Q4LEOMLNEA4OZSWVEENQX7E/", "reference_id": "GHTIX55J4Q4LEOMLNEA4OZSWVEENQX7E", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-20T18:54:37Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GHTIX55J4Q4LEOMLNEA4OZSWVEENQX7E/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/32235?format=api", "purl": "pkg:composer/moodle/moodle@4.1.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/32234?format=api", "purl": "pkg:composer/moodle/moodle@4.2.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/32230?format=api", "purl": "pkg:composer/moodle/moodle@4.3.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-2ua4-y1mx-t7f4" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/32232?format=api", "purl": "pkg:composer/moodle/moodle@4.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-2ua4-y1mx-t7f4" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-ndsq-chgj-4kcq" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-p6d8-jya8-vfe2" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-q51n-px1r-tkh4" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.1" } ], "aliases": [ "CVE-2024-38273", "GHSA-x29x-qwvx-fxr2" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5zy2-a2hw-tuba" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/133470?format=api", "vulnerability_id": "VCID-67af-4zk5-sfb2", "summary": "A remote code execution risk was identified in the IMSCP activity. By default this was only available to teachers and managers.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5540", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.022", "scoring_system": "epss", "scoring_elements": "0.84838", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.022", "scoring_system": "epss", "scoring_elements": "0.84785", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.022", "scoring_system": "epss", "scoring_elements": "0.84837", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.022", "scoring_system": "epss", "scoring_elements": "0.84846", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5540" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/3400ae6510b11202aa9d86f7e75b3dff10d81522", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/3400ae6510b11202aa9d86f7e75b3dff10d81522" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5540", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5540" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=451581", "reference_id": "discuss.php?d=451581", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-22T20:12:01Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=451581" }, { "reference_url": "https://github.com/advisories/GHSA-w8x2-w4qr-v3x4", "reference_id": "GHSA-w8x2-w4qr-v3x4", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-w8x2-w4qr-v3x4" }, { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79409", "reference_id": "gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79409", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-22T20:12:01Z/" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79409" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243432", "reference_id": "show_bug.cgi?id=2243432", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-22T20:12:01Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243432" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/381218?format=api", "purl": "pkg:composer/moodle/moodle@4.0.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.0.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/381217?format=api", "purl": "pkg:composer/moodle/moodle@4.1.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/381216?format=api", "purl": "pkg:composer/moodle/moodle@4.2.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/381033?format=api", "purl": "pkg:composer/moodle/moodle@4.3.0-rc2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.0-rc2" } ], "aliases": [ "CVE-2023-5540", "GHSA-w8x2-w4qr-v3x4" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-67af-4zk5-sfb2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/114321?format=api", "vulnerability_id": "VCID-67tn-z6kv-vybp", "summary": "A flaw has been identified in Moodle where insufficient capability checks in certain grade reports allowed users without the necessary permissions to access hidden grades.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-81945", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-81945" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32045", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.3591", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.3609", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36114", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36101", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32045" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=467086", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=467086" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32045", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32045" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-32045", "reference_id": "CVE-2025-32045", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:37:20Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-32045" }, { "reference_url": "https://github.com/advisories/GHSA-8m7c-hm88-2p97", "reference_id": "GHSA-8m7c-hm88-2p97", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8m7c-hm88-2p97" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2356835", "reference_id": "show_bug.cgi?id=2356835", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:37:20Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2356835" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376260?format=api", "purl": "pkg:composer/moodle/moodle@4.1.17", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.17" }, { "url": "http://public2.vulnerablecode.io/api/packages/376261?format=api", "purl": "pkg:composer/moodle/moodle@4.3.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/376262?format=api", "purl": "pkg:composer/moodle/moodle@4.4.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/376263?format=api", "purl": "pkg:composer/moodle/moodle@4.5.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-b959-r7ty-3fdj" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-dye9-hpdz-myc7" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-f275-awa8-53gp" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.3" } ], "aliases": [ "CVE-2025-32045", "GHSA-8m7c-hm88-2p97" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-67tn-z6kv-vybp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/133649?format=api", "vulnerability_id": "VCID-6h6h-ny96-x7hu", "summary": "When duplicating a BigBlueButton activity, the original meeting ID was also duplicated instead of using a new ID for the new activity. This could provide unintended access to the original meeting.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5543", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25316", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25112", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25311", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25328", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5543" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5543", "reference_id": "CVE-2023-5543", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5543" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=451584", "reference_id": "discuss.php?d=451584", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T21:03:37Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=451584" }, { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-77795", "reference_id": "gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-77795", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T21:03:37Z/" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-77795" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243442", "reference_id": "show_bug.cgi?id=2243442", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T21:03:37Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243442" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/381218?format=api", "purl": "pkg:composer/moodle/moodle@4.0.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.0.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/381217?format=api", "purl": "pkg:composer/moodle/moodle@4.1.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/381216?format=api", "purl": "pkg:composer/moodle/moodle@4.2.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.3" } ], "aliases": [ "CVE-2023-5543" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6h6h-ny96-x7hu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/134478?format=api", "vulnerability_id": "VCID-6kc6-1dyn-gqft", "summary": "If the algebra filter was enabled but not functional (eg the necessary binaries were missing from the server), it presented an XSS risk.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28332", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00832", "scoring_system": "epss", "scoring_elements": "0.75109", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00832", "scoring_system": "epss", "scoring_elements": "0.75112", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00832", "scoring_system": "epss", "scoring_elements": "0.75029", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00832", "scoring_system": "epss", "scoring_elements": "0.75099", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28332" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/9f178c1f816e78ec024ab16a10192c81305b2624", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/9f178c1f816e78ec024ab16a10192c81305b2624" }, { "reference_url": "https://git.moodle.org/gw?p=moodle.git;a=commitdiff;h=9f178c1f816e78ec024ab16a10192c81305b2624", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.moodle.org/gw?p=moodle.git;a=commitdiff;h=9f178c1f816e78ec024ab16a10192c81305b2624" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28332", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28332" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF/", "reference_id": "3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T13:35:45Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF/" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=445064", "reference_id": "discuss.php?d=445064", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T13:35:45Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=445064" }, { "reference_url": "https://github.com/advisories/GHSA-9f45-9qrw-pp4v", "reference_id": "GHSA-9f45-9qrw-pp4v", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9f45-9qrw-pp4v" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179419", "reference_id": "show_bug.cgi?id=2179419", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T13:35:45Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179419" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/380827?format=api", "purl": "pkg:composer/moodle/moodle@4.0.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-35xa-1mjs-a3au" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-54uj-r3xh-m7ae" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-59gr-d6p5-u7fv" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67af-4zk5-sfb2" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-6h6h-ny96-x7hu" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-9u8e-pp4p-nqht" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-f5ys-s8gt-5fcv" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-g8bf-eeaa-hygf" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-gtz8-utju-qfah" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kegp-rnfw-83b4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s8bc-98ph-nbh5" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-t8ha-9bhp-fbbq" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-u1ke-y4et-6ye8" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-uuqh-tq51-tbex" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wf3q-rpbt-pfg7" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xm3s-de89-d3dr" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.0.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/380826?format=api", "purl": "pkg:composer/moodle/moodle@4.1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-35xa-1mjs-a3au" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-54uj-r3xh-m7ae" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-59gr-d6p5-u7fv" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67af-4zk5-sfb2" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-6h6h-ny96-x7hu" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-9u8e-pp4p-nqht" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-f5ys-s8gt-5fcv" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-g8bf-eeaa-hygf" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-gtz8-utju-qfah" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kegp-rnfw-83b4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s8bc-98ph-nbh5" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-t8ha-9bhp-fbbq" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-u1ke-y4et-6ye8" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-uuqh-tq51-tbex" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wf3q-rpbt-pfg7" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xm3s-de89-d3dr" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-y8cf-vxgf-cudn" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.2" } ], "aliases": [ "CVE-2023-28332", "GHSA-9f45-9qrw-pp4v" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6kc6-1dyn-gqft" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/134288?format=api", "vulnerability_id": "VCID-6nag-3wnp-tua2", "summary": "Insufficient validation of profile field availability condition resulted in an SQL injection risk (by default only available to teachers and managers).", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28329", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01253", "scoring_system": "epss", "scoring_elements": "0.79765", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01253", "scoring_system": "epss", "scoring_elements": "0.79839", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.01253", "scoring_system": "epss", "scoring_elements": "0.79847", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.01253", "scoring_system": "epss", "scoring_elements": "0.7983", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28329" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/81e74af17f419f7910f81279efecf5c7af09f38d", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/81e74af17f419f7910f81279efecf5c7af09f38d" }, { "reference_url": "https://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-77046", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-77046" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28329", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28329" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF/", "reference_id": "3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-23T00:27:31Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF/" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=445061", "reference_id": "discuss.php?d=445061", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-23T00:27:31Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=445061" }, { "reference_url": "https://github.com/advisories/GHSA-72w2-j52c-7682", "reference_id": "GHSA-72w2-j52c-7682", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-72w2-j52c-7682" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179406", "reference_id": "show_bug.cgi?id=2179406", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-23T00:27:31Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179406" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/380827?format=api", "purl": "pkg:composer/moodle/moodle@4.0.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-35xa-1mjs-a3au" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-54uj-r3xh-m7ae" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-59gr-d6p5-u7fv" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67af-4zk5-sfb2" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-6h6h-ny96-x7hu" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-9u8e-pp4p-nqht" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-f5ys-s8gt-5fcv" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-g8bf-eeaa-hygf" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-gtz8-utju-qfah" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kegp-rnfw-83b4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s8bc-98ph-nbh5" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-t8ha-9bhp-fbbq" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-u1ke-y4et-6ye8" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-uuqh-tq51-tbex" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wf3q-rpbt-pfg7" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xm3s-de89-d3dr" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.0.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/380826?format=api", "purl": "pkg:composer/moodle/moodle@4.1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-35xa-1mjs-a3au" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-54uj-r3xh-m7ae" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-59gr-d6p5-u7fv" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67af-4zk5-sfb2" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-6h6h-ny96-x7hu" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-9u8e-pp4p-nqht" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-f5ys-s8gt-5fcv" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-g8bf-eeaa-hygf" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-gtz8-utju-qfah" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kegp-rnfw-83b4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s8bc-98ph-nbh5" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-t8ha-9bhp-fbbq" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-u1ke-y4et-6ye8" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-uuqh-tq51-tbex" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wf3q-rpbt-pfg7" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xm3s-de89-d3dr" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-y8cf-vxgf-cudn" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.2" } ], "aliases": [ "CVE-2023-28329", "GHSA-72w2-j52c-7682" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6nag-3wnp-tua2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/127467?format=api", "vulnerability_id": "VCID-7a6m-m4t2-5ydp", "summary": "A flaw was found in Moodle. Insufficient capability checks in a messaging web service allowed users to view other users' names and online statuses.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3645", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26804", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26604", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26806", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.2682", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3645" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/2fd810c8981f9b10087467a3b8fce779b157200f", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/2fd810c8981f9b10087467a3b8fce779b157200f" }, { "reference_url": "https://github.com/moodle/moodle/commit/a8179842b450659c288f284e06361a4fbab8742a", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/a8179842b450659c288f284e06361a4fbab8742a" }, { "reference_url": "https://github.com/moodle/moodle/commit/bb65effe41524d8373c1dc499c3323ac469ea558", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/bb65effe41524d8373c1dc499c3323ac469ea558" }, { "reference_url": "https://github.com/search?q=repo%3Amoodle%2Fmoodle+MDL-72704&type=commits", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/search?q=repo%3Amoodle%2Fmoodle+MDL-72704&type=commits" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3645", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3645" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-3645", "reference_id": "CVE-2025-3645", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:42:48Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-3645" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=467606", "reference_id": "discuss.php?d=467606", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:42:48Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=467606" }, { "reference_url": "https://github.com/advisories/GHSA-pj96-xh2w-fgqx", "reference_id": "GHSA-pj96-xh2w-fgqx", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-pj96-xh2w-fgqx" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359761", "reference_id": "show_bug.cgi?id=2359761", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:42:48Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359761" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376308?format=api", "purl": "pkg:composer/moodle/moodle@4.1.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/376309?format=api", "purl": "pkg:composer/moodle/moodle@4.3.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/376310?format=api", "purl": "pkg:composer/moodle/moodle@4.4.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/376311?format=api", "purl": "pkg:composer/moodle/moodle@4.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-dye9-hpdz-myc7" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-f275-awa8-53gp" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.4" } ], "aliases": [ "CVE-2025-3645", "GHSA-pj96-xh2w-fgqx" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7a6m-m4t2-5ydp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/32107?format=api", "vulnerability_id": "VCID-7z7h-w68u-1bc7", "summary": "Separate Groups mode restrictions were not honored in the H5P attempts report, which would display users from other groups. By default this only provided additional access to non-editing teachers.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-25980", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37771", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37582", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37759", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37784", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-25980" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/662192fcecdefdaae79f55db96bd64dbcdeef85b", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/662192fcecdefdaae79f55db96bd64dbcdeef85b" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25980", "reference_id": "CVE-2024-25980", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25980" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=455636", "reference_id": "discuss.php?d=455636", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:42:10Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=455636" }, { "reference_url": "https://github.com/advisories/GHSA-cp8m-h777-g4p3", "reference_id": "GHSA-cp8m-h777-g4p3", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-cp8m-h777-g4p3" }, { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-80501", "reference_id": "gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-80501", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:42:10Z/" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-80501" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB/", "reference_id": "KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:42:10Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264096", "reference_id": "show_bug.cgi?id=2264096", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:42:10Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264096" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/29108?format=api", "purl": "pkg:composer/moodle/moodle@4.1.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/29107?format=api", "purl": "pkg:composer/moodle/moodle@4.2.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/29106?format=api", "purl": "pkg:composer/moodle/moodle@4.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-2ua4-y1mx-t7f4" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-396x-a5g1-p3a1" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8evy-5d1w-3fbm" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-tvbe-wwjn-jkby" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.3" } ], "aliases": [ "CVE-2024-25980", "GHSA-cp8m-h777-g4p3" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7z7h-w68u-1bc7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/127040?format=api", "vulnerability_id": "VCID-7zqn-5pyf-pyg9", "summary": "A flaw was found in Moodle. A remote code execution risk was identified in the Moodle LMS Dropbox repository. By default, this was only available to teachers and managers on sites with the Dropbox repository enabled.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3641", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00667", "scoring_system": "epss", "scoring_elements": "0.71841", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00667", "scoring_system": "epss", "scoring_elements": "0.71745", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00667", "scoring_system": "epss", "scoring_elements": "0.71831", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00667", "scoring_system": "epss", "scoring_elements": "0.71844", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3641" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/27b839b5c60389623ca8e3496792b43a44527cd6", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/27b839b5c60389623ca8e3496792b43a44527cd6" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3641", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3641" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-3641", "reference_id": "CVE-2025-3641", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-25T15:38:41Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-3641" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=467602", "reference_id": "discuss.php?d=467602", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-25T15:38:41Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=467602" }, { "reference_url": "https://github.com/advisories/GHSA-c8v6-vxhf-wcrr", "reference_id": "GHSA-c8v6-vxhf-wcrr", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-c8v6-vxhf-wcrr" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359735", "reference_id": "show_bug.cgi?id=2359735", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-25T15:38:41Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359735" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376308?format=api", "purl": "pkg:composer/moodle/moodle@4.1.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/376309?format=api", "purl": "pkg:composer/moodle/moodle@4.3.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/376310?format=api", "purl": "pkg:composer/moodle/moodle@4.4.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/376311?format=api", "purl": "pkg:composer/moodle/moodle@4.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-dye9-hpdz-myc7" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-f275-awa8-53gp" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.4" } ], "aliases": [ "CVE-2025-3641", "GHSA-c8v6-vxhf-wcrr" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7zqn-5pyf-pyg9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/71012?format=api", "vulnerability_id": "VCID-82cj-8rk2-kygn", "summary": "A flaw was identified in Moodle’s backup restore functionality where specially crafted backup files were not properly validated during processing. If a malicious backup file is restored, it could lead to unintended execution of server-side code. Since restore capabilities are typically available to privileged users, exploitation requires authenticated access. Successful exploitation could result in full compromise of the Moodle server.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-26045", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29729", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.2953", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29727", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29745", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-26045" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/566054ba11f609a6d48d09b32e85d435d49927da", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/566054ba11f609a6d48d09b32e85d435d49927da" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=473314", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=473314" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2026-26045", "reference_id": "CVE-2026-26045", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-24T04:56:33Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2026-26045" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26045", "reference_id": "CVE-2026-26045", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26045" }, { "reference_url": "https://github.com/advisories/GHSA-ggxq-2mg9-8966", "reference_id": "GHSA-ggxq-2mg9-8966", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-ggxq-2mg9-8966" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2440901", "reference_id": "show_bug.cgi?id=2440901", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-24T04:56:33Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2440901" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/39494?format=api", "purl": "pkg:composer/moodle/moodle@4.5.9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/39493?format=api", "purl": "pkg:composer/moodle/moodle@5.0.5", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@5.0.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/39495?format=api", "purl": "pkg:composer/moodle/moodle@5.1.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@5.1.2" } ], "aliases": [ "CVE-2026-26045", "GHSA-ggxq-2mg9-8966" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-82cj-8rk2-kygn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/126909?format=api", "vulnerability_id": "VCID-87yg-v5af-mfd4", "summary": "A flaw was found in Moodle. The return URL in the policy tool required additional sanitizing to prevent a reflected Cross-site scripting (XSS) risk.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3643", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32248", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32067", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32252", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.3227", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3643" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/ff9bbd6d9e7d6267ce85e6c9afbeb19581f2a85f", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/ff9bbd6d9e7d6267ce85e6c9afbeb19581f2a85f" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3643", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3643" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-3643", "reference_id": "CVE-2025-3643", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:42:55Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-3643" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=467604", "reference_id": "discuss.php?d=467604", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:42:55Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=467604" }, { "reference_url": "https://github.com/advisories/GHSA-hxgg-4qww-85ph", "reference_id": "GHSA-hxgg-4qww-85ph", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-hxgg-4qww-85ph" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359742", "reference_id": "show_bug.cgi?id=2359742", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:42:55Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359742" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376308?format=api", "purl": "pkg:composer/moodle/moodle@4.1.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/376309?format=api", "purl": "pkg:composer/moodle/moodle@4.3.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/376310?format=api", "purl": "pkg:composer/moodle/moodle@4.4.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/376311?format=api", "purl": "pkg:composer/moodle/moodle@4.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-dye9-hpdz-myc7" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-f275-awa8-53gp" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.4" } ], "aliases": [ "CVE-2025-3643", "GHSA-hxgg-4qww-85ph" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-87yg-v5af-mfd4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/355465?format=api", "vulnerability_id": "VCID-8djk-7q86-hqck", "summary": "", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-76810", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-76810" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-23921", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00287", "scoring_system": "epss", "scoring_elements": "0.52498", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00287", "scoring_system": "epss", "scoring_elements": "0.52626", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00287", "scoring_system": "epss", "scoring_elements": "0.52637", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00287", "scoring_system": "epss", "scoring_elements": "0.5262", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-23921" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2162526", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2162526" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=443272#p1782021", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=443272#p1782021" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23921", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23921" }, { "reference_url": "https://github.com/advisories/GHSA-97qf-pq7x-964m", "reference_id": "GHSA-97qf-pq7x-964m", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-97qf-pq7x-964m" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/380387?format=api", "purl": "pkg:composer/moodle/moodle@4.0.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-35xa-1mjs-a3au" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-54uj-r3xh-m7ae" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-59gr-d6p5-u7fv" }, { "vulnerability": "VCID-5ben-6zhd-ruhj" }, { "vulnerability": "VCID-5fq8-66xt-2qfq" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67af-4zk5-sfb2" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-6h6h-ny96-x7hu" }, { "vulnerability": "VCID-6kc6-1dyn-gqft" }, { "vulnerability": "VCID-6nag-3wnp-tua2" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-9u8e-pp4p-nqht" }, { "vulnerability": "VCID-actu-ux4t-uyb1" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-f5ys-s8gt-5fcv" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-g8bf-eeaa-hygf" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-gtz8-utju-qfah" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kegp-rnfw-83b4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s8bc-98ph-nbh5" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-t8ha-9bhp-fbbq" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-u1ke-y4et-6ye8" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-uny7-p1qf-abgp" }, { "vulnerability": "VCID-uuqh-tq51-tbex" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wf3q-rpbt-pfg7" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wuku-wat6-d3bc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xm3s-de89-d3dr" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" }, { "vulnerability": "VCID-zvva-ksud-3fe5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.0.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/380388?format=api", "purl": "pkg:composer/moodle/moodle@4.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-35xa-1mjs-a3au" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-54uj-r3xh-m7ae" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-59gr-d6p5-u7fv" }, { "vulnerability": "VCID-5ben-6zhd-ruhj" }, { "vulnerability": "VCID-5fq8-66xt-2qfq" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67af-4zk5-sfb2" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-6h6h-ny96-x7hu" }, { "vulnerability": "VCID-6kc6-1dyn-gqft" }, { "vulnerability": "VCID-6nag-3wnp-tua2" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-9u8e-pp4p-nqht" }, { "vulnerability": "VCID-actu-ux4t-uyb1" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-dqmx-7x1r-qbf6" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-f5ys-s8gt-5fcv" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-g8bf-eeaa-hygf" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-gtz8-utju-qfah" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kegp-rnfw-83b4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s8bc-98ph-nbh5" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-t8ha-9bhp-fbbq" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-u1ke-y4et-6ye8" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-uny7-p1qf-abgp" }, { "vulnerability": "VCID-uuqh-tq51-tbex" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wf3q-rpbt-pfg7" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wuku-wat6-d3bc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xm3s-de89-d3dr" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-y8cf-vxgf-cudn" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" }, { "vulnerability": "VCID-zvva-ksud-3fe5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.1" } ], "aliases": [ "CVE-2023-23921", "GHSA-97qf-pq7x-964m" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8djk-7q86-hqck" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40697?format=api", "vulnerability_id": "VCID-8w1a-ft6h-g7bt", "summary": "A flaw was found in Moodle. Dynamic tables did not enforce capability checks, which resulted in users having the ability to retrieve information they did not have permission to access.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45689", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31632", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31615", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31423", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45689" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/bb466df202a4b4a692006298f93cbba20566949c", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/bb466df202a4b4a692006298f93cbba20566949c" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=461894#p1854491", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=461894#p1854491" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45689", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45689" }, { "reference_url": "https://github.com/advisories/GHSA-j822-x5gg-5r56", "reference_id": "GHSA-j822-x5gg-5r56", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-j822-x5gg-5r56" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309941", "reference_id": "show_bug.cgi?id=2309941", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T19:17:47Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309941" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372835?format=api", "purl": "pkg:composer/moodle/moodle@4.1.13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.13" }, { "url": "http://public2.vulnerablecode.io/api/packages/372836?format=api", "purl": "pkg:composer/moodle/moodle@4.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/372837?format=api", "purl": "pkg:composer/moodle/moodle@4.3.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/372780?format=api", "purl": "pkg:composer/moodle/moodle@4.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-p6d8-jya8-vfe2" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.3" } ], "aliases": [ "CVE-2024-45689", "GHSA-j822-x5gg-5r56" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8w1a-ft6h-g7bt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/101646?format=api", "vulnerability_id": "VCID-8ydw-ymjw-4qhd", "summary": "Insufficient capability checks made it possible to disable badges a user does not have permission to access.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-26531", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.57565", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.5757", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.57449", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.57579", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-26531" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-26531", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-26531" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=466148", "reference_id": "discuss.php?d=466148", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-25T14:19:42Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=466148" }, { "reference_url": "https://github.com/advisories/GHSA-g88w-v4cq-qgcp", "reference_id": "GHSA-g88w-v4cq-qgcp", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-g88w-v4cq-qgcp" }, { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-84239", "reference_id": "gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-84239", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-25T14:19:42Z/" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-84239" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377263?format=api", "purl": "pkg:composer/moodle/moodle@4.1.16", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.16" }, { "url": "http://public2.vulnerablecode.io/api/packages/377262?format=api", "purl": "pkg:composer/moodle/moodle@4.3.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/377261?format=api", "purl": "pkg:composer/moodle/moodle@4.4.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/377260?format=api", "purl": "pkg:composer/moodle/moodle@4.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-46sh-98bs-ybex" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-b959-r7ty-3fdj" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-dye9-hpdz-myc7" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-f275-awa8-53gp" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.2" } ], "aliases": [ "CVE-2025-26531", "GHSA-g88w-v4cq-qgcp" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8ydw-ymjw-4qhd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/126890?format=api", "vulnerability_id": "VCID-95fs-szzk-c3h5", "summary": "A flaw was found in Moodle. Insufficient capability checks made it possible for a user enrolled in a course to access some details, such as the full name and profile image URL, of other users they did not have permission to access.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3640", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37062", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.3724", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00184", "scoring_system": "epss", "scoring_elements": "0.40183", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00184", "scoring_system": "epss", "scoring_elements": "0.40194", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3640" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/64a4311266cbe9a9a942c836931bef224018b77d", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/64a4311266cbe9a9a942c836931bef224018b77d" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3640", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3640" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-3640", "reference_id": "CVE-2025-3640", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:42:58Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-3640" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=467601", "reference_id": "discuss.php?d=467601", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:42:58Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=467601" }, { "reference_url": "https://github.com/advisories/GHSA-6g5x-h5x7-q4mq", "reference_id": "GHSA-6g5x-h5x7-q4mq", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6g5x-h5x7-q4mq" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359734", "reference_id": "show_bug.cgi?id=2359734", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:42:58Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359734" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376308?format=api", "purl": "pkg:composer/moodle/moodle@4.1.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/376309?format=api", "purl": "pkg:composer/moodle/moodle@4.3.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/376310?format=api", "purl": "pkg:composer/moodle/moodle@4.4.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/376311?format=api", "purl": "pkg:composer/moodle/moodle@4.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-dye9-hpdz-myc7" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-f275-awa8-53gp" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.4" } ], "aliases": [ "CVE-2025-3640", "GHSA-6g5x-h5x7-q4mq" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-95fs-szzk-c3h5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56246?format=api", "vulnerability_id": "VCID-9fr5-4a3g-pbga", "summary": "A vulnerability was found in Moodle. It is possible for users with the \"send message\" capability to view other users' names that they may not otherwise have access to via an error message in Messaging. Note: The name returned follows the full name format configured on the site.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-48896", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54573", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54715", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.0031", "scoring_system": "epss", "scoring_elements": "0.54698", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-48896" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-48896", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-48896" }, { "reference_url": "https://github.com/advisories/GHSA-cq5f-wv7p-5gfc", "reference_id": "GHSA-cq5f-wv7p-5gfc", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-cq5f-wv7p-5gfc" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318822", "reference_id": "show_bug.cgi?id=2318822", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-18T14:57:51Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318822" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372790?format=api", "purl": "pkg:composer/moodle/moodle@4.1.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/372791?format=api", "purl": "pkg:composer/moodle/moodle@4.2.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/372792?format=api", "purl": "pkg:composer/moodle/moodle@4.3.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/372793?format=api", "purl": "pkg:composer/moodle/moodle@4.4.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.4" } ], "aliases": [ "CVE-2024-48896", "GHSA-cq5f-wv7p-5gfc" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9fr5-4a3g-pbga" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/133435?format=api", "vulnerability_id": "VCID-9szm-emq8-gfdf", "summary": "Students in \"Only see own membership\" groups could see other students in the group, which should be hidden.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5542", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50748", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.5061", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50744", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50761", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5542" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/b0bb97ee3b481dd85d8f1ed3612f70c9d1939014", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/b0bb97ee3b481dd85d8f1ed3612f70c9d1939014" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5542", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5542" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=451583", "reference_id": "discuss.php?d=451583", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-21T17:05:11Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=451583" }, { "reference_url": "https://github.com/advisories/GHSA-8mm2-m2gp-c6x2", "reference_id": "GHSA-8mm2-m2gp-c6x2", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8mm2-m2gp-c6x2" }, { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79213", "reference_id": "gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79213", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-21T17:05:11Z/" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79213" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243441", "reference_id": "show_bug.cgi?id=2243441", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-21T17:05:11Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243441" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/381033?format=api", "purl": "pkg:composer/moodle/moodle@4.3.0-rc2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.0-rc2" } ], "aliases": [ "CVE-2023-5542", "GHSA-8mm2-m2gp-c6x2" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9szm-emq8-gfdf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/133456?format=api", "vulnerability_id": "VCID-9u8e-pp4p-nqht", "summary": "In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user who also has direct access to the web server outside of the Moodle webroot could utilise a local file include to achieve remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5550", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01474", "scoring_system": "epss", "scoring_elements": "0.81438", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.01474", "scoring_system": "epss", "scoring_elements": "0.81369", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01474", "scoring_system": "epss", "scoring_elements": "0.81429", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5550" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/77766f9c8af8fc8d861d7ac09ce4e1f6e72faca7", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/77766f9c8af8fc8d861d7ac09ce4e1f6e72faca7" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5550", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5550" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=451591", "reference_id": "discuss.php?d=451591", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-27T19:58:39Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=451591" }, { "reference_url": "https://github.com/advisories/GHSA-5cvx-cwpx-9rjh", "reference_id": "GHSA-5cvx-cwpx-9rjh", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5cvx-cwpx-9rjh" }, { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-72249", "reference_id": "gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-72249", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-27T19:58:39Z/" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-72249" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243452", "reference_id": "show_bug.cgi?id=2243452", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-27T19:58:39Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243452" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/381218?format=api", "purl": "pkg:composer/moodle/moodle@4.0.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.0.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/381217?format=api", "purl": "pkg:composer/moodle/moodle@4.1.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/381216?format=api", "purl": "pkg:composer/moodle/moodle@4.2.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/381033?format=api", "purl": "pkg:composer/moodle/moodle@4.3.0-rc2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.0-rc2" } ], "aliases": [ "CVE-2023-5550", "GHSA-5cvx-cwpx-9rjh" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9u8e-pp4p-nqht" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/134708?format=api", "vulnerability_id": "VCID-actu-ux4t-uyb1", "summary": "Authenticated users were able to enumerate other users' names via the learning plans page.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28334", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00277", "scoring_system": "epss", "scoring_elements": "0.51448", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00277", "scoring_system": "epss", "scoring_elements": "0.51576", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00277", "scoring_system": "epss", "scoring_elements": "0.5159", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00277", "scoring_system": "epss", "scoring_elements": "0.51579", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28334" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/0e3c8eb740e1e49a62a5f452cda7e06258712bbf", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/0e3c8eb740e1e49a62a5f452cda7e06258712bbf" }, { "reference_url": "https://git.moodle.org/gw?p=moodle.git;a=commit;h=0e3c8eb740e1e49a62a5f452cda7e06258712bbf", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.moodle.org/gw?p=moodle.git;a=commit;h=0e3c8eb740e1e49a62a5f452cda7e06258712bbf" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28334", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28334" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=445066", "reference_id": "discuss.php?d=445066", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-07T19:28:06Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=445066" }, { "reference_url": "https://github.com/advisories/GHSA-hh52-g5c4-wprh", "reference_id": "GHSA-hh52-g5c4-wprh", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-hh52-g5c4-wprh" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179423", "reference_id": "show_bug.cgi?id=2179423", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-07T19:28:06Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179423" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/380827?format=api", "purl": "pkg:composer/moodle/moodle@4.0.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-35xa-1mjs-a3au" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-54uj-r3xh-m7ae" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-59gr-d6p5-u7fv" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67af-4zk5-sfb2" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-6h6h-ny96-x7hu" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-9u8e-pp4p-nqht" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-f5ys-s8gt-5fcv" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-g8bf-eeaa-hygf" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-gtz8-utju-qfah" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kegp-rnfw-83b4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s8bc-98ph-nbh5" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-t8ha-9bhp-fbbq" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-u1ke-y4et-6ye8" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-uuqh-tq51-tbex" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wf3q-rpbt-pfg7" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xm3s-de89-d3dr" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.0.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/380826?format=api", "purl": "pkg:composer/moodle/moodle@4.1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-35xa-1mjs-a3au" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-54uj-r3xh-m7ae" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-59gr-d6p5-u7fv" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67af-4zk5-sfb2" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-6h6h-ny96-x7hu" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-9u8e-pp4p-nqht" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-f5ys-s8gt-5fcv" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-g8bf-eeaa-hygf" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-gtz8-utju-qfah" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kegp-rnfw-83b4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s8bc-98ph-nbh5" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-t8ha-9bhp-fbbq" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-u1ke-y4et-6ye8" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-uuqh-tq51-tbex" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wf3q-rpbt-pfg7" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xm3s-de89-d3dr" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-y8cf-vxgf-cudn" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.2" } ], "aliases": [ "CVE-2023-28334", "GHSA-hh52-g5c4-wprh" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-actu-ux4t-uyb1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/32318?format=api", "vulnerability_id": "VCID-b2xd-3ek1-27b9", "summary": "The URL parameters accepted by forum search were not limited to the allowed parameters.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-25979", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37234", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37045", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37223", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37249", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-25979" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/6eaeeda6cf759672def05a85afe9e4d521739166", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/6eaeeda6cf759672def05a85afe9e4d521739166" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25979", "reference_id": "CVE-2024-25979", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25979" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=455635", "reference_id": "discuss.php?d=455635", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-21T17:42:19Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=455635" }, { "reference_url": "https://github.com/advisories/GHSA-6vjf-48fh-vxxj", "reference_id": "GHSA-6vjf-48fh-vxxj", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6vjf-48fh-vxxj" }, { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-69774", "reference_id": "gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-69774", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-21T17:42:19Z/" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-69774" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB/", "reference_id": "KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-21T17:42:19Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264095", "reference_id": "show_bug.cgi?id=2264095", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-21T17:42:19Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264095" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/29108?format=api", "purl": "pkg:composer/moodle/moodle@4.1.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/29107?format=api", "purl": "pkg:composer/moodle/moodle@4.2.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/29106?format=api", "purl": "pkg:composer/moodle/moodle@4.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-2ua4-y1mx-t7f4" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-396x-a5g1-p3a1" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8evy-5d1w-3fbm" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-tvbe-wwjn-jkby" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.3" } ], "aliases": [ "CVE-2024-25979", "GHSA-6vjf-48fh-vxxj" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b2xd-3ek1-27b9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49315?format=api", "vulnerability_id": "VCID-b53y-qvcd-9bc2", "summary": "In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user with both access to restore workshop modules and direct access to the web server outside of the Moodle webroot could execute a local file include.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-80712", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-80712" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34003", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39244", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39219", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39047", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39236", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34003" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34003", "reference_id": "CVE-2024-34003", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34003" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=458391", "reference_id": "discuss.php?d=458391", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-01T13:16:51Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=458391" }, { "reference_url": "https://github.com/advisories/GHSA-jg4f-8w9x-jv35", "reference_id": "GHSA-jg4f-8w9x-jv35", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-jg4f-8w9x-jv35" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/31869?format=api", "purl": "pkg:composer/moodle/moodle@4.1.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/31870?format=api", "purl": "pkg:composer/moodle/moodle@4.2.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/31868?format=api", "purl": "pkg:composer/moodle/moodle@4.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-2ua4-y1mx-t7f4" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.4" } ], "aliases": [ "CVE-2024-34003", "GHSA-jg4f-8w9x-jv35" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b53y-qvcd-9bc2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49583?format=api", "vulnerability_id": "VCID-b9r4-vfvf-r3cx", "summary": "In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user with both access to restore database activity modules and direct access to the web server outside of the Moodle webroot could execute a local file include.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34005", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63955", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63953", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63838", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.6394", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34005" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/ffa045e09912349ed08d6591ec84cb83e57235cc", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/ffa045e09912349ed08d6591ec84cb83e57235cc" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34005", "reference_id": "CVE-2024-34005", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34005" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=458394", "reference_id": "discuss.php?d=458394", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-03T19:36:05Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=458394" }, { "reference_url": "https://github.com/advisories/GHSA-r99q-hmqv-xw8w", "reference_id": "GHSA-r99q-hmqv-xw8w", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-r99q-hmqv-xw8w" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/31869?format=api", "purl": "pkg:composer/moodle/moodle@4.1.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/31870?format=api", "purl": "pkg:composer/moodle/moodle@4.2.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/31868?format=api", "purl": "pkg:composer/moodle/moodle@4.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-2ua4-y1mx-t7f4" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.4" } ], "aliases": [ "CVE-2024-34005", "GHSA-r99q-hmqv-xw8w" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b9r4-vfvf-r3cx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/53327?format=api", "vulnerability_id": "VCID-bhnn-ae5z-53cm", "summary": "Incorrect validation of allowed event types in a calendar web service made it possible for some users to create events with types/audiences they did not have permission to publish to.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-81247", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-81247" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-33996", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.39027", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.39004", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.38832", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.39018", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-33996" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-33996", "reference_id": "CVE-2024-33996", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-33996" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=458384#p1840909", "reference_id": "discuss.php?d=458384#p1840909", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-01T13:14:42Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=458384#p1840909" }, { "reference_url": "https://github.com/advisories/GHSA-4qww-rxq6-x7gf", "reference_id": "GHSA-4qww-rxq6-x7gf", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4qww-rxq6-x7gf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/31869?format=api", "purl": "pkg:composer/moodle/moodle@4.1.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/31870?format=api", "purl": "pkg:composer/moodle/moodle@4.2.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/31868?format=api", "purl": "pkg:composer/moodle/moodle@4.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-2ua4-y1mx-t7f4" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.4" } ], "aliases": [ "CVE-2024-33996", "GHSA-4qww-rxq6-x7gf" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bhnn-ae5z-53cm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31296?format=api", "vulnerability_id": "VCID-bjdy-pxgn-hkcx", "summary": "A flaw was found in moodle. The cURL wrapper in Moodle strips HTTPAUTH and USERPWD headers during emulated redirects, but retains other original request headers, so HTTP authorization header information could be unintentionally sent in requests to redirect URLs.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-82136", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "2.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-82136" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-43432", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00336", "scoring_system": "epss", "scoring_elements": "0.56827", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00336", "scoring_system": "epss", "scoring_elements": "0.56948", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00336", "scoring_system": "epss", "scoring_elements": "0.56952", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00336", "scoring_system": "epss", "scoring_elements": "0.56962", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-43432" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "2.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43432", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "2.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43432" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=461200", "reference_id": "discuss.php?d=461200", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "2.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-12T15:06:57Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=461200" }, { "reference_url": "https://github.com/advisories/GHSA-7wmp-2xmx-g6h8", "reference_id": "GHSA-7wmp-2xmx-g6h8", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7wmp-2xmx-g6h8" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304260", "reference_id": "show_bug.cgi?id=2304260", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "2.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-12T15:06:57Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304260" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372779?format=api", "purl": "pkg:composer/moodle/moodle@4.1.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/372778?format=api", "purl": "pkg:composer/moodle/moodle@4.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/372777?format=api", "purl": "pkg:composer/moodle/moodle@4.3.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/372776?format=api", "purl": "pkg:composer/moodle/moodle@4.4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndsq-chgj-4kcq" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-p6d8-jya8-vfe2" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.2" } ], "aliases": [ "CVE-2024-43432", "GHSA-7wmp-2xmx-g6h8" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bjdy-pxgn-hkcx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/127646?format=api", "vulnerability_id": "VCID-bn3p-ccnj-3ubw", "summary": "A flaw was found in Moodle. Additional checks were required to prevent users from deleting course sections they did not have permission to modify.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3644", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.3902", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.38835", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.39006", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.3903", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3644" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/search?q=repo%3Amoodle%2Fmoodle+MDL-83994&type=commits", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/search?q=repo%3Amoodle%2Fmoodle+MDL-83994&type=commits" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3644", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3644" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-3644", "reference_id": "CVE-2025-3644", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:42:51Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-3644" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=467605", "reference_id": "discuss.php?d=467605", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:42:51Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=467605" }, { "reference_url": "https://github.com/advisories/GHSA-cpm7-mv33-jwf8", "reference_id": "GHSA-cpm7-mv33-jwf8", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-cpm7-mv33-jwf8" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359745", "reference_id": "show_bug.cgi?id=2359745", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:42:51Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359745" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376308?format=api", "purl": "pkg:composer/moodle/moodle@4.1.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/376309?format=api", "purl": "pkg:composer/moodle/moodle@4.3.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/376310?format=api", "purl": "pkg:composer/moodle/moodle@4.4.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/376311?format=api", "purl": "pkg:composer/moodle/moodle@4.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-dye9-hpdz-myc7" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-f275-awa8-53gp" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.4" } ], "aliases": [ "CVE-2025-3644", "GHSA-cpm7-mv33-jwf8" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bn3p-ccnj-3ubw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40702?format=api", "vulnerability_id": "VCID-c6hn-kyf7-g3e4", "summary": "A flaw was found in Moodle. Additional checks were required to ensure users can only delete their OAuth2-linked accounts.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45690", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00393", "scoring_system": "epss", "scoring_elements": "0.60689", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00393", "scoring_system": "epss", "scoring_elements": "0.60795", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00393", "scoring_system": "epss", "scoring_elements": "0.60804", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00393", "scoring_system": "epss", "scoring_elements": "0.60794", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45690" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/809629e5afcd5be087e65668fe6cf67f2f4f5145", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/809629e5afcd5be087e65668fe6cf67f2f4f5145" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=461895#p1854492", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=461895#p1854492" }, { "reference_url": "https://moodle.org/security", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/security" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45690", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45690" }, { "reference_url": "https://github.com/advisories/GHSA-fhg2-r2h9-h7q8", "reference_id": "GHSA-fhg2-r2h9-h7q8", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fhg2-r2h9-h7q8" }, { "reference_url": "https://moodle.org/security/", "reference_id": "security", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-27T14:15:47Z/" } ], "url": "https://moodle.org/security/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309939", "reference_id": "show_bug.cgi?id=2309939", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-27T14:15:47Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309939" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372835?format=api", "purl": "pkg:composer/moodle/moodle@4.1.13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.13" }, { "url": "http://public2.vulnerablecode.io/api/packages/372836?format=api", "purl": "pkg:composer/moodle/moodle@4.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/372837?format=api", "purl": "pkg:composer/moodle/moodle@4.3.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/372780?format=api", "purl": "pkg:composer/moodle/moodle@4.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-p6d8-jya8-vfe2" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.3" } ], "aliases": [ "CVE-2024-45690", "GHSA-fhg2-r2h9-h7q8" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c6hn-kyf7-g3e4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/127571?format=api", "vulnerability_id": "VCID-c7uy-k6wn-s3f9", "summary": "A flaw was found in Moodle. This vulnerability allows unauthorized users to access and view RSS feeds due to insufficient capability checks.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3636", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.27823", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.27607", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.27808", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.27833", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3636" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/0bd97209ac5e217dbec236c73e4f6fdcaee1c737", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/0bd97209ac5e217dbec236c73e4f6fdcaee1c737" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=467598", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=467598" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3636", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3636" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-3636", "reference_id": "CVE-2025-3636", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:43:06Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-3636" }, { "reference_url": "https://github.com/advisories/GHSA-chmf-m33p-ph8m", "reference_id": "GHSA-chmf-m33p-ph8m", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-chmf-m33p-ph8m" }, { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-84499", "reference_id": "gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-84499", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:43:06Z/" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-84499" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359726", "reference_id": "show_bug.cgi?id=2359726", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:43:06Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359726" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376308?format=api", "purl": "pkg:composer/moodle/moodle@4.1.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/376309?format=api", "purl": "pkg:composer/moodle/moodle@4.3.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/376310?format=api", "purl": "pkg:composer/moodle/moodle@4.4.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/376311?format=api", "purl": "pkg:composer/moodle/moodle@4.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-dye9-hpdz-myc7" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-f275-awa8-53gp" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.4" } ], "aliases": [ "CVE-2025-3636", "GHSA-chmf-m33p-ph8m" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c7uy-k6wn-s3f9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/32051?format=api", "vulnerability_id": "VCID-catf-58r7-87h5", "summary": "A SQL injection risk flaw was found in the XMLDB editor tool available to site administrators.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-43436", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00496", "scoring_system": "epss", "scoring_elements": "0.66237", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00496", "scoring_system": "epss", "scoring_elements": "0.66342", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00496", "scoring_system": "epss", "scoring_elements": "0.66344", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00496", "scoring_system": "epss", "scoring_elements": "0.66331", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-43436" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "6.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43436", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "6.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43436" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=461206", "reference_id": "discuss.php?d=461206", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "6.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-07T14:40:37Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=461206" }, { "reference_url": "https://github.com/advisories/GHSA-mx26-62xm-2p83", "reference_id": "GHSA-mx26-62xm-2p83", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-mx26-62xm-2p83" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304264", "reference_id": "show_bug.cgi?id=2304264", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "6.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-07T14:40:37Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304264" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372779?format=api", "purl": "pkg:composer/moodle/moodle@4.1.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/372778?format=api", "purl": "pkg:composer/moodle/moodle@4.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/372777?format=api", "purl": "pkg:composer/moodle/moodle@4.3.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/372776?format=api", "purl": "pkg:composer/moodle/moodle@4.4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndsq-chgj-4kcq" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-p6d8-jya8-vfe2" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.2" } ], "aliases": [ "CVE-2024-43436", "GHSA-mx26-62xm-2p83" ], "risk_score": 3.2, "exploitability": "0.5", "weighted_severity": "6.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-catf-58r7-87h5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37332?format=api", "vulnerability_id": "VCID-cnqj-gehg-xuhk", "summary": "Incorrect CSRF token checks resulted in multiple CSRF risks.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-38276", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50708", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50722", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50705", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50571", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-38276" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/093aedf79889114d004495f05969168b646b0285", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/093aedf79889114d004495f05969168b646b0285" }, { "reference_url": "https://github.com/moodle/moodle/commit/137d311fd1354c679b974633512a771e6e0559a1", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/137d311fd1354c679b974633512a771e6e0559a1" }, { "reference_url": "https://github.com/moodle/moodle/commit/30fadc3686fa7490860a0bd87a29636139dfb371", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/30fadc3686fa7490860a0bd87a29636139dfb371" }, { "reference_url": "https://github.com/moodle/moodle/commit/31ced0851189a6879e4cd27c7e65d21dd9d6e87e", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/31ced0851189a6879e4cd27c7e65d21dd9d6e87e" }, { "reference_url": "https://github.com/moodle/moodle/commit/57f20b6cb352893871c3afdfa8a4c09a96e16764", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/57f20b6cb352893871c3afdfa8a4c09a96e16764" }, { "reference_url": "https://github.com/moodle/moodle/commit/756090ed79aa056d0b5f58e7a1dff67f139f76b4", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/756090ed79aa056d0b5f58e7a1dff67f139f76b4" }, { "reference_url": "https://github.com/moodle/moodle/commit/9af9711c0a78ebad87d49bcb369ff813bc57d0a7", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/9af9711c0a78ebad87d49bcb369ff813bc57d0a7" }, { "reference_url": "https://github.com/moodle/moodle/commit/a0d8c025f732d5c18a2b9d1a8e5cbee35dce86f4", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/a0d8c025f732d5c18a2b9d1a8e5cbee35dce86f4" }, { "reference_url": "https://github.com/moodle/moodle/commit/c18b59808cefe7b54c85dce6bf2cc71601080667", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/c18b59808cefe7b54c85dce6bf2cc71601080667" }, { "reference_url": "https://github.com/moodle/moodle/commit/c1aacb3e2884ea4dcc221c5ef2e449ce345f78ae", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/c1aacb3e2884ea4dcc221c5ef2e449ce345f78ae" }, { "reference_url": "https://github.com/moodle/moodle/commit/c5b1604e8136db6d72057dd8052955058489206c", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/c5b1604e8136db6d72057dd8052955058489206c" }, { "reference_url": "https://github.com/moodle/moodle/commit/da8e8cee6ffaf7c184eded97e1016f20c9de0561", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/da8e8cee6ffaf7c184eded97e1016f20c9de0561" }, { "reference_url": "https://github.com/moodle/moodle/commit/dc84fcfab06a4a0fe37797b8422e9fe3a1031c3e", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/dc84fcfab06a4a0fe37797b8422e9fe3a1031c3e" }, { "reference_url": "https://github.com/moodle/moodle/commit/e1dab5f38166a2ff62983178f7bf8f0ed3a61090", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/e1dab5f38166a2ff62983178f7bf8f0ed3a61090" }, { "reference_url": "https://github.com/moodle/moodle/commit/e23f603c41055ab92f9b430cf0e7a54b4e120f95", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/e23f603c41055ab92f9b430cf0e7a54b4e120f95" }, { "reference_url": "https://github.com/moodle/moodle/commit/f2807dee5bc777d9c58b7a70cba6e4c21ee02ea1", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/f2807dee5bc777d9c58b7a70cba6e4c21ee02ea1" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7AZYR7EXV6E5SQE2GYTNQE3NOENJCQ6", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7AZYR7EXV6E5SQE2GYTNQE3NOENJCQ6" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GHTIX55J4Q4LEOMLNEA4OZSWVEENQX7E", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GHTIX55J4Q4LEOMLNEA4OZSWVEENQX7E" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38276", "reference_id": "CVE-2024-38276", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38276" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=459501", "reference_id": "discuss.php?d=459501", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-25T17:33:38Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=459501" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7AZYR7EXV6E5SQE2GYTNQE3NOENJCQ6/", "reference_id": "F7AZYR7EXV6E5SQE2GYTNQE3NOENJCQ6", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-25T17:33:38Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7AZYR7EXV6E5SQE2GYTNQE3NOENJCQ6/" }, { "reference_url": "https://github.com/advisories/GHSA-356g-7x36-7m34", "reference_id": "GHSA-356g-7x36-7m34", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-356g-7x36-7m34" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GHTIX55J4Q4LEOMLNEA4OZSWVEENQX7E/", "reference_id": "GHTIX55J4Q4LEOMLNEA4OZSWVEENQX7E", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-25T17:33:38Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GHTIX55J4Q4LEOMLNEA4OZSWVEENQX7E/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/32235?format=api", "purl": "pkg:composer/moodle/moodle@4.1.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/32234?format=api", "purl": "pkg:composer/moodle/moodle@4.2.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/32230?format=api", "purl": "pkg:composer/moodle/moodle@4.3.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-2ua4-y1mx-t7f4" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/32232?format=api", "purl": "pkg:composer/moodle/moodle@4.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-2ua4-y1mx-t7f4" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-ndsq-chgj-4kcq" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-p6d8-jya8-vfe2" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-q51n-px1r-tkh4" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.1" } ], "aliases": [ "CVE-2024-38276", "GHSA-356g-7x36-7m34" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cnqj-gehg-xuhk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/109076?format=api", "vulnerability_id": "VCID-cra3-6x3q-vkap", "summary": "A flaw was found in Moodle. An open redirect vulnerability in the OAuth login flow allows a remote attacker to redirect users to attacker-controlled pages after they have successfully authenticated. This occurs due to insufficient validation of redirect parameters, which could lead to phishing attacks or information disclosure.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-67852", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03548", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.0353", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03544", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03534", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-67852" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/fa1624c8c9e3efa917f0e9d2666bb59d8be2a975", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/fa1624c8c9e3efa917f0e9d2666bb59d8be2a975" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=471302", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=471302" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-67852", "reference_id": "CVE-2025-67852", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T15:44:09Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-67852" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-67852", "reference_id": "CVE-2025-67852", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-67852" }, { "reference_url": "https://github.com/advisories/GHSA-qv78-6gpp-hm68", "reference_id": "GHSA-qv78-6gpp-hm68", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-qv78-6gpp-hm68" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423844", "reference_id": "show_bug.cgi?id=2423844", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T15:44:09Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423844" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/38121?format=api", "purl": "pkg:composer/moodle/moodle@4.1.22", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.22" }, { "url": "http://public2.vulnerablecode.io/api/packages/38126?format=api", "purl": "pkg:composer/moodle/moodle@4.4.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/38122?format=api", "purl": "pkg:composer/moodle/moodle@4.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/38128?format=api", "purl": "pkg:composer/moodle/moodle@5.0.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@5.0.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/38124?format=api", "purl": "pkg:composer/moodle/moodle@5.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@5.1.1" } ], "aliases": [ "CVE-2025-67852", "GHSA-qv78-6gpp-hm68" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cra3-6x3q-vkap" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31684?format=api", "vulnerability_id": "VCID-e6pf-zcvz-mqfr", "summary": "The bulk message sending feature in Moodle's Feedback module's non-respondents report had an incorrect CSRF token check, leading to a CSRF vulnerability.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-43434", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00522", "scoring_system": "epss", "scoring_elements": "0.67339", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00522", "scoring_system": "epss", "scoring_elements": "0.67441", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00522", "scoring_system": "epss", "scoring_elements": "0.67444", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00522", "scoring_system": "epss", "scoring_elements": "0.6743", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-43434" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "8.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43434", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "8.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43434" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=461203", "reference_id": "discuss.php?d=461203", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "8.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-07T14:40:44Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=461203" }, { "reference_url": "https://github.com/advisories/GHSA-x87r-37q5-mmr8", "reference_id": "GHSA-x87r-37q5-mmr8", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-x87r-37q5-mmr8" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304262", "reference_id": "show_bug.cgi?id=2304262", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "8.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-07T14:40:44Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304262" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372779?format=api", "purl": "pkg:composer/moodle/moodle@4.1.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/372778?format=api", "purl": "pkg:composer/moodle/moodle@4.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/372777?format=api", "purl": "pkg:composer/moodle/moodle@4.3.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/372776?format=api", "purl": "pkg:composer/moodle/moodle@4.4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndsq-chgj-4kcq" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-p6d8-jya8-vfe2" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.2" } ], "aliases": [ "CVE-2024-43434", "GHSA-x87r-37q5-mmr8" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e6pf-zcvz-mqfr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/127090?format=api", "vulnerability_id": "VCID-eaej-5e2e-yfcr", "summary": "A flaw was discovered in Moodle. Additional checks were required to ensure that users can only access cohort data they are authorized to retrieve.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3647", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26804", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26604", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26806", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.2682", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3647" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/bd6ec0ac84cf0f73ab35e7e244e1f9b06929083a", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/bd6ec0ac84cf0f73ab35e7e244e1f9b06929083a" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3647", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3647" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-3647", "reference_id": "CVE-2025-3647", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:42:45Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-3647" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=467607", "reference_id": "discuss.php?d=467607", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:42:45Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=467607" }, { "reference_url": "https://github.com/advisories/GHSA-34g7-pg9j-pxgp", "reference_id": "GHSA-34g7-pg9j-pxgp", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-34g7-pg9j-pxgp" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359762", "reference_id": "show_bug.cgi?id=2359762", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:42:45Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359762" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376308?format=api", "purl": "pkg:composer/moodle/moodle@4.1.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/376309?format=api", "purl": "pkg:composer/moodle/moodle@4.3.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/376310?format=api", "purl": "pkg:composer/moodle/moodle@4.4.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/376311?format=api", "purl": "pkg:composer/moodle/moodle@4.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-dye9-hpdz-myc7" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-f275-awa8-53gp" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.4" } ], "aliases": [ "CVE-2025-3647", "GHSA-34g7-pg9j-pxgp" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eaej-5e2e-yfcr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/109344?format=api", "vulnerability_id": "VCID-ebae-b6eb-s7fr", "summary": "A flaw was found in Moodle. A remote attacker could exploit a lack of proper rate limiting in the confirmation email service. This vulnerability allows attackers to more easily enumerate or guess user credentials, facilitating brute-force attacks against user accounts.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-67853", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10915", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10889", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10951", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10946", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-67853" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=471303", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=471303" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-67853", "reference_id": "CVE-2025-67853", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-03T15:43:42Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-67853" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-67853", "reference_id": "CVE-2025-67853", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-67853" }, { "reference_url": "https://github.com/advisories/GHSA-5cx4-w4fh-fr57", "reference_id": "GHSA-5cx4-w4fh-fr57", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5cx4-w4fh-fr57" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423847", "reference_id": "show_bug.cgi?id=2423847", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-03T15:43:42Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423847" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/38121?format=api", "purl": "pkg:composer/moodle/moodle@4.1.22", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.22" }, { "url": "http://public2.vulnerablecode.io/api/packages/38126?format=api", "purl": "pkg:composer/moodle/moodle@4.4.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/38122?format=api", "purl": "pkg:composer/moodle/moodle@4.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/38128?format=api", "purl": "pkg:composer/moodle/moodle@5.0.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@5.0.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/38124?format=api", "purl": "pkg:composer/moodle/moodle@5.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@5.1.1" } ], "aliases": [ "CVE-2025-67853", "GHSA-5cx4-w4fh-fr57" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ebae-b6eb-s7fr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/32087?format=api", "vulnerability_id": "VCID-epz3-rnb8-bybr", "summary": "The link to update all installed language packs did not include the necessary token to prevent a CSRF risk.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-25982", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0038", "scoring_system": "epss", "scoring_elements": "0.59967", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.0038", "scoring_system": "epss", "scoring_elements": "0.59856", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0038", "scoring_system": "epss", "scoring_elements": "0.59964", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0038", "scoring_system": "epss", "scoring_elements": "0.59976", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-25982" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/bac703c534d05d4502580fbe32447d5c777869bf", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/bac703c534d05d4502580fbe32447d5c777869bf" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25982", "reference_id": "CVE-2024-25982", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25982" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=455638", "reference_id": "discuss.php?d=455638", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:39:38Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=455638" }, { "reference_url": "https://github.com/advisories/GHSA-7pjp-fm93-p6pj", "reference_id": "GHSA-7pjp-fm93-p6pj", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7pjp-fm93-p6pj" }, { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-54749", "reference_id": "gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-54749", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:39:38Z/" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-54749" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB/", "reference_id": "KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:39:38Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264098", "reference_id": "show_bug.cgi?id=2264098", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T15:39:38Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264098" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/29108?format=api", "purl": "pkg:composer/moodle/moodle@4.1.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/29107?format=api", "purl": "pkg:composer/moodle/moodle@4.2.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/29106?format=api", "purl": "pkg:composer/moodle/moodle@4.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-2ua4-y1mx-t7f4" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-396x-a5g1-p3a1" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8evy-5d1w-3fbm" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-tvbe-wwjn-jkby" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.3" } ], "aliases": [ "CVE-2024-25982", "GHSA-7pjp-fm93-p6pj" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-epz3-rnb8-bybr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/53863?format=api", "vulnerability_id": "VCID-ez7r-y64f-dbbx", "summary": "Insufficient escaping of participants' names in the participants page table resulted in a stored XSS risk when interacting with some features.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-81354", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-81354" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-33998", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01399", "scoring_system": "epss", "scoring_elements": "0.80829", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01399", "scoring_system": "epss", "scoring_elements": "0.809", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.01399", "scoring_system": "epss", "scoring_elements": "0.80891", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.01399", "scoring_system": "epss", "scoring_elements": "0.80889", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-33998" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/66da9394993d97861f6c80bc4ec4ee9b513d2f33", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/66da9394993d97861f6c80bc4ec4ee9b513d2f33" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-33998", "reference_id": "CVE-2024-33998", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-33998" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=458386", "reference_id": "discuss.php?d=458386", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-03T14:26:53Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=458386" }, { "reference_url": "https://github.com/advisories/GHSA-xqhh-253w-4q5f", "reference_id": "GHSA-xqhh-253w-4q5f", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-xqhh-253w-4q5f" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/31869?format=api", "purl": "pkg:composer/moodle/moodle@4.1.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/31870?format=api", "purl": "pkg:composer/moodle/moodle@4.2.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/31868?format=api", "purl": "pkg:composer/moodle/moodle@4.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-2ua4-y1mx-t7f4" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.4" } ], "aliases": [ "CVE-2024-33998", "GHSA-xqhh-253w-4q5f" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ez7r-y64f-dbbx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/137687?format=api", "vulnerability_id": "VCID-f5ys-s8gt-5fcv", "summary": "A limited SQL injection risk was identified on the Mnet SSO access control page. This flaw affects Moodle versions 4.2, 4.1 to 4.1.3, 4.0 to 4.0.8, 3.11 to 3.11.14, 3.9 to 3.9.21 and earlier unsupported versions.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-77193", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-77193" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-35132", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.49267", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.49409", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.49422", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.49404", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-35132" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7A72KX4WU6GK2CX4TKYFGFASPKOEOJFC", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7A72KX4WU6GK2CX4TKYFGFASPKOEOJFC" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5QAEAGJ44NVXLAJFJXKARKC45OGEDXT", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5QAEAGJ44NVXLAJFJXKARKC45OGEDXT" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7A72KX4WU6GK2CX4TKYFGFASPKOEOJFC", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7A72KX4WU6GK2CX4TKYFGFASPKOEOJFC" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7A72KX4WU6GK2CX4TKYFGFASPKOEOJFC/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7A72KX4WU6GK2CX4TKYFGFASPKOEOJFC/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I5QAEAGJ44NVXLAJFJXKARKC45OGEDXT", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I5QAEAGJ44NVXLAJFJXKARKC45OGEDXT" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I5QAEAGJ44NVXLAJFJXKARKC45OGEDXT/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I5QAEAGJ44NVXLAJFJXKARKC45OGEDXT/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-35132", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-35132" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7A72KX4WU6GK2CX4TKYFGFASPKOEOJFC/", "reference_id": "7A72KX4WU6GK2CX4TKYFGFASPKOEOJFC", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T20:53:51Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7A72KX4WU6GK2CX4TKYFGFASPKOEOJFC/" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=447830", "reference_id": "discuss.php?d=447830", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T20:53:51Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=447830" }, { "reference_url": "https://github.com/advisories/GHSA-49mv-vfcp-8gg9", "reference_id": "GHSA-49mv-vfcp-8gg9", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-49mv-vfcp-8gg9" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5QAEAGJ44NVXLAJFJXKARKC45OGEDXT/", "reference_id": "I5QAEAGJ44NVXLAJFJXKARKC45OGEDXT", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T20:53:51Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5QAEAGJ44NVXLAJFJXKARKC45OGEDXT/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2214371", "reference_id": "show_bug.cgi?id=2214371", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T20:53:51Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2214371" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/381600?format=api", "purl": "pkg:composer/moodle/moodle@4.0.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-35xa-1mjs-a3au" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-59gr-d6p5-u7fv" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67af-4zk5-sfb2" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-6h6h-ny96-x7hu" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-9u8e-pp4p-nqht" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-g8bf-eeaa-hygf" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-gtz8-utju-qfah" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kegp-rnfw-83b4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-t8ha-9bhp-fbbq" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-u1ke-y4et-6ye8" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-uuqh-tq51-tbex" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wf3q-rpbt-pfg7" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.0.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/381599?format=api", "purl": "pkg:composer/moodle/moodle@4.1.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-35xa-1mjs-a3au" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-59gr-d6p5-u7fv" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67af-4zk5-sfb2" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-6h6h-ny96-x7hu" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-9u8e-pp4p-nqht" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-g8bf-eeaa-hygf" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-gtz8-utju-qfah" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kegp-rnfw-83b4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-t8ha-9bhp-fbbq" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-u1ke-y4et-6ye8" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-uuqh-tq51-tbex" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wf3q-rpbt-pfg7" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/381598?format=api", "purl": "pkg:composer/moodle/moodle@4.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-35xa-1mjs-a3au" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-59gr-d6p5-u7fv" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67af-4zk5-sfb2" }, { "vulnerability": "VCID-6h6h-ny96-x7hu" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-9u8e-pp4p-nqht" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-g8bf-eeaa-hygf" }, { "vulnerability": "VCID-gtz8-utju-qfah" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kegp-rnfw-83b4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-t8ha-9bhp-fbbq" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-u1ke-y4et-6ye8" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-uuqh-tq51-tbex" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-wf3q-rpbt-pfg7" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.1" } ], "aliases": [ "CVE-2023-35132", "GHSA-49mv-vfcp-8gg9" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f5ys-s8gt-5fcv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/109335?format=api", "vulnerability_id": "VCID-fsuz-rgpw-8qd4", "summary": "A flaw was found in Moodle. This authentication bypass vulnerability allows suspended users to authenticate through the Learning Tools Interoperability (LTI) Provider. The issue arises from the LTI authentication handlers failing to enforce the user's suspension status, enabling unauthorized access to the system. This can lead to information disclosure or other unauthorized actions by users who should be restricted.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-67848", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.15558", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.15445", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.1558", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.15591", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-67848" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/62f372e9d861d16df702d3c7726905fa2730e3d8", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/62f372e9d861d16df702d3c7726905fa2730e3d8" }, { "reference_url": "https://github.com/moodle/moodle/commit/c2705e2c18962fec4f21b9c34ed386be2a379663", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/c2705e2c18962fec4f21b9c34ed386be2a379663" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-67848", "reference_id": "CVE-2025-67848", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-04T04:55:50Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-67848" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-67848", "reference_id": "CVE-2025-67848", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-67848" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=471298", "reference_id": "discuss.php?d=471298", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-04T04:55:50Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=471298" }, { "reference_url": "https://github.com/advisories/GHSA-j5jv-w5cw-j9ff", "reference_id": "GHSA-j5jv-w5cw-j9ff", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-j5jv-w5cw-j9ff" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423831", "reference_id": "show_bug.cgi?id=2423831", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-04T04:55:50Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423831" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/38121?format=api", "purl": "pkg:composer/moodle/moodle@4.1.22", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.22" }, { "url": "http://public2.vulnerablecode.io/api/packages/38126?format=api", "purl": "pkg:composer/moodle/moodle@4.4.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/38122?format=api", "purl": "pkg:composer/moodle/moodle@4.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/38128?format=api", "purl": "pkg:composer/moodle/moodle@5.0.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@5.0.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/38124?format=api", "purl": "pkg:composer/moodle/moodle@5.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@5.1.1" } ], "aliases": [ "CVE-2025-67848", "GHSA-j5jv-w5cw-j9ff" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fsuz-rgpw-8qd4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/133784?format=api", "vulnerability_id": "VCID-g8bf-eeaa-hygf", "summary": "Insufficient web service capability checks made it possible to move categories a user had permission to manage, to a parent category they did not have the capability to manage.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5549", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.49412", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.49269", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.49407", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.49425", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5549" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/5a765e124c950b1e4313c9bf96ea2dd194f65c75", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/5a765e124c950b1e4313c9bf96ea2dd194f65c75" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5549", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5549" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=451590", "reference_id": "discuss.php?d=451590", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T18:16:10Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=451590" }, { "reference_url": "https://github.com/advisories/GHSA-fm5h-58g2-4m3f", "reference_id": "GHSA-fm5h-58g2-4m3f", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fm5h-58g2-4m3f" }, { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-66730", "reference_id": "gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-66730", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T18:16:10Z/" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-66730" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243451", "reference_id": "show_bug.cgi?id=2243451", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T18:16:10Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243451" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/381218?format=api", "purl": "pkg:composer/moodle/moodle@4.0.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.0.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/381217?format=api", "purl": "pkg:composer/moodle/moodle@4.1.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/381216?format=api", "purl": "pkg:composer/moodle/moodle@4.2.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/381033?format=api", "purl": "pkg:composer/moodle/moodle@4.3.0-rc2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.0-rc2" } ], "aliases": [ "CVE-2023-5549", "GHSA-fm5h-58g2-4m3f" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g8bf-eeaa-hygf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/109365?format=api", "vulnerability_id": "VCID-gapa-a9xy-w3be", "summary": "A flaw was found in moodle. This vulnerability, known as Cross-Site Scripting (XSS), occurs due to insufficient checks on user-provided data in the formula editor's arithmetic expression fields. A remote attacker could inject malicious code into these fields. When other users view these expressions, the malicious code would execute in their web browsers, potentially compromising their data or leading to unauthorized actions.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-67850", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.0193", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01915", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01919", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.0192", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-67850" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/c85f153068a717a3b28bc122e75154bac99e67e1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/c85f153068a717a3b28bc122e75154bac99e67e1" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=471300", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=471300" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-67850", "reference_id": "CVE-2025-67850", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-04T04:55:48Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-67850" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-67850", "reference_id": "CVE-2025-67850", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-67850" }, { "reference_url": "https://github.com/advisories/GHSA-6mmv-f6c6-v6q8", "reference_id": "GHSA-6mmv-f6c6-v6q8", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6mmv-f6c6-v6q8" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423838", "reference_id": "show_bug.cgi?id=2423838", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-04T04:55:48Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423838" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/38121?format=api", "purl": "pkg:composer/moodle/moodle@4.1.22", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.22" }, { "url": "http://public2.vulnerablecode.io/api/packages/38126?format=api", "purl": "pkg:composer/moodle/moodle@4.4.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/38122?format=api", "purl": "pkg:composer/moodle/moodle@4.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/38128?format=api", "purl": "pkg:composer/moodle/moodle@5.0.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@5.0.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/38124?format=api", "purl": "pkg:composer/moodle/moodle@5.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@5.1.1" } ], "aliases": [ "CVE-2025-67850", "GHSA-6mmv-f6c6-v6q8" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gapa-a9xy-w3be" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/358207?format=api", "vulnerability_id": "VCID-gtz8-utju-qfah", "summary": "", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-77846", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-77846" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5548", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00277", "scoring_system": "epss", "scoring_elements": "0.51458", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00277", "scoring_system": "epss", "scoring_elements": "0.51589", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00277", "scoring_system": "epss", "scoring_elements": "0.51601", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00277", "scoring_system": "epss", "scoring_elements": "0.51587", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5548" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243449", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243449" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/7679452caff6faa33f00d3f0589c5190bc01a933", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/7679452caff6faa33f00d3f0589c5190bc01a933" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=451589", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=451589" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5548", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5548" }, { "reference_url": "https://github.com/advisories/GHSA-cwh2-q44x-5w3c", "reference_id": "GHSA-cwh2-q44x-5w3c", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-cwh2-q44x-5w3c" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/381218?format=api", "purl": "pkg:composer/moodle/moodle@4.0.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.0.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/381217?format=api", "purl": "pkg:composer/moodle/moodle@4.1.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/381216?format=api", "purl": "pkg:composer/moodle/moodle@4.2.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/381033?format=api", "purl": "pkg:composer/moodle/moodle@4.3.0-rc2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.0-rc2" } ], "aliases": [ "CVE-2023-5548", "GHSA-cwh2-q44x-5w3c" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gtz8-utju-qfah" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/109156?format=api", "vulnerability_id": "VCID-hh6z-2319-83g4", "summary": "A flaw was found in mooodle. A remote attacker could exploit a reflected Cross-Site Scripting (XSS) vulnerability in the policy tool return URL. This vulnerability arises from insufficient sanitization of URL parameters, allowing attackers to inject malicious scripts through specially crafted links. Successful exploitation could lead to information disclosure or arbitrary client-side script execution within the user's browser.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-67855", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11824", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11765", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.1185", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11848", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-67855" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/0c146aa2612fb6d0544f200a018cb42da75db713", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/0c146aa2612fb6d0544f200a018cb42da75db713" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=471305", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=471305" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-67855", "reference_id": "CVE-2025-67855", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T15:43:09Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-67855" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-67855", "reference_id": "CVE-2025-67855", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-67855" }, { "reference_url": "https://github.com/advisories/GHSA-vwhw-vp9v-q9c9", "reference_id": "GHSA-vwhw-vp9v-q9c9", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-vwhw-vp9v-q9c9" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423861", "reference_id": "show_bug.cgi?id=2423861", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T15:43:09Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423861" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/38121?format=api", "purl": "pkg:composer/moodle/moodle@4.1.22", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.22" }, { "url": "http://public2.vulnerablecode.io/api/packages/38126?format=api", "purl": "pkg:composer/moodle/moodle@4.4.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/38122?format=api", "purl": "pkg:composer/moodle/moodle@4.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/38128?format=api", "purl": "pkg:composer/moodle/moodle@5.0.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@5.0.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/38124?format=api", "purl": "pkg:composer/moodle/moodle@5.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@5.1.1" } ], "aliases": [ "CVE-2025-67855", "GHSA-vwhw-vp9v-q9c9" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hh6z-2319-83g4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/102162?format=api", "vulnerability_id": "VCID-j897-5zfk-rbhk", "summary": "An SQL injection risk was identified in the module list filter within course search.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-26533", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00402", "scoring_system": "epss", "scoring_elements": "0.61349", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00402", "scoring_system": "epss", "scoring_elements": "0.61352", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00402", "scoring_system": "epss", "scoring_elements": "0.61244", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00402", "scoring_system": "epss", "scoring_elements": "0.61356", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-26533" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/1310e64699807ead6c38ee89354ac57c503c2836", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/1310e64699807ead6c38ee89354ac57c503c2836" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-26533", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-26533" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=466150", "reference_id": "discuss.php?d=466150", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T14:35:13Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=466150" }, { "reference_url": "https://github.com/advisories/GHSA-rg56-94j7-hjx9", "reference_id": "GHSA-rg56-94j7-hjx9", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rg56-94j7-hjx9" }, { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-84271", "reference_id": "gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-84271", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T14:35:13Z/" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-84271" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377263?format=api", "purl": "pkg:composer/moodle/moodle@4.1.16", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.16" }, { "url": "http://public2.vulnerablecode.io/api/packages/377262?format=api", "purl": "pkg:composer/moodle/moodle@4.3.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/377261?format=api", "purl": "pkg:composer/moodle/moodle@4.4.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/377260?format=api", "purl": "pkg:composer/moodle/moodle@4.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-46sh-98bs-ybex" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-b959-r7ty-3fdj" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-dye9-hpdz-myc7" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-f275-awa8-53gp" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.2" } ], "aliases": [ "CVE-2025-26533", "GHSA-rg56-94j7-hjx9" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j897-5zfk-rbhk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56346?format=api", "vulnerability_id": "VCID-j9sx-pf51-buhe", "summary": "A vulnerability was found in Moodle. Additional checks are required to ensure users can only edit or delete RSS feeds that they have permission to modify.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-48897", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00229", "scoring_system": "epss", "scoring_elements": "0.46016", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00229", "scoring_system": "epss", "scoring_elements": "0.46009", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00229", "scoring_system": "epss", "scoring_elements": "0.45871", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00229", "scoring_system": "epss", "scoring_elements": "0.46023", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-48897" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-48897", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-48897" }, { "reference_url": "https://github.com/advisories/GHSA-x3x9-349x-2485", "reference_id": "GHSA-x3x9-349x-2485", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-x3x9-349x-2485" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318821", "reference_id": "show_bug.cgi?id=2318821", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-19T14:51:39Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318821" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372790?format=api", "purl": "pkg:composer/moodle/moodle@4.1.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/372791?format=api", "purl": "pkg:composer/moodle/moodle@4.2.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/372792?format=api", "purl": "pkg:composer/moodle/moodle@4.3.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/372793?format=api", "purl": "pkg:composer/moodle/moodle@4.4.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.4" } ], "aliases": [ "CVE-2024-48897", "GHSA-x3x9-349x-2485" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j9sx-pf51-buhe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49622?format=api", "vulnerability_id": "VCID-jejy-353t-x3de", "summary": "In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user with both access to restore wiki modules and direct access to the web server outside of the Moodle webroot could execute a local file include.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34004", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00307", "scoring_system": "epss", "scoring_elements": "0.54291", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00307", "scoring_system": "epss", "scoring_elements": "0.54418", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00307", "scoring_system": "epss", "scoring_elements": "0.54433", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00307", "scoring_system": "epss", "scoring_elements": "0.54417", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34004" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34004", "reference_id": "CVE-2024-34004", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34004" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=458393", "reference_id": "discuss.php?d=458393", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-03T14:26:27Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=458393" }, { "reference_url": "https://github.com/advisories/GHSA-q3cm-ccrm-2mr6", "reference_id": "GHSA-q3cm-ccrm-2mr6", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-q3cm-ccrm-2mr6" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/31869?format=api", "purl": "pkg:composer/moodle/moodle@4.1.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/31870?format=api", "purl": "pkg:composer/moodle/moodle@4.2.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/31868?format=api", "purl": "pkg:composer/moodle/moodle@4.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-2ua4-y1mx-t7f4" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.4" } ], "aliases": [ "CVE-2024-34004", "GHSA-q3cm-ccrm-2mr6" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jejy-353t-x3de" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/54085?format=api", "vulnerability_id": "VCID-jgqf-6s2h-vqd8", "summary": "Inadequate access control in Moodle LMS. This vulnerability could allow a local user with a student role to create arbitrary events intended for users with higher roles. It could also allow the attacker to add events to the calendar of all users without their prior consent.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1439", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21388", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21375", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21206", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21401", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1439" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-1439", "reference_id": "CVE-2024-1439", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-1439" }, { "reference_url": "https://github.com/advisories/GHSA-5p2x-8427-9fgp", "reference_id": "GHSA-5p2x-8427-9fgp", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5p2x-8427-9fgp" }, { "reference_url": "https://www.incibe.es/en/incibe-cert/notices/aviso/inadequate-access-control-vulnerability-moodle", "reference_id": "inadequate-access-control-vulnerability-moodle", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-12T16:28:28Z/" } ], "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/inadequate-access-control-vulnerability-moodle" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/381598?format=api", "purl": "pkg:composer/moodle/moodle@4.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-35xa-1mjs-a3au" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-59gr-d6p5-u7fv" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67af-4zk5-sfb2" }, { "vulnerability": "VCID-6h6h-ny96-x7hu" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-9u8e-pp4p-nqht" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-g8bf-eeaa-hygf" }, { "vulnerability": "VCID-gtz8-utju-qfah" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kegp-rnfw-83b4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-t8ha-9bhp-fbbq" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-u1ke-y4et-6ye8" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-uuqh-tq51-tbex" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-wf3q-rpbt-pfg7" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.1" } ], "aliases": [ "CVE-2024-1439", "GHSA-5p2x-8427-9fgp" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jgqf-6s2h-vqd8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31372?format=api", "vulnerability_id": "VCID-k5ku-5n57-w7e3", "summary": "A flaw was found in pdfTeX. Insufficient sanitizing in the TeX notation filter resulted in an arbitrary file read risk on sites where pdfTeX is available, such as those with TeX Live installed.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-43426", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00911", "scoring_system": "epss", "scoring_elements": "0.76276", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00911", "scoring_system": "epss", "scoring_elements": "0.76355", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00911", "scoring_system": "epss", "scoring_elements": "0.7636", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00911", "scoring_system": "epss", "scoring_elements": "0.76346", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-43426" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-82745", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-82745" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43426", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43426" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=461194", "reference_id": "discuss.php?d=461194", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-07T14:41:10Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=461194" }, { "reference_url": "https://github.com/advisories/GHSA-vjmm-r9gg-425m", "reference_id": "GHSA-vjmm-r9gg-425m", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-vjmm-r9gg-425m" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304254", "reference_id": "show_bug.cgi?id=2304254", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-07T14:41:10Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304254" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372779?format=api", "purl": "pkg:composer/moodle/moodle@4.1.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/372778?format=api", "purl": "pkg:composer/moodle/moodle@4.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/372777?format=api", "purl": "pkg:composer/moodle/moodle@4.3.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/372776?format=api", "purl": "pkg:composer/moodle/moodle@4.4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndsq-chgj-4kcq" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-p6d8-jya8-vfe2" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.2" } ], "aliases": [ "CVE-2024-43426", "GHSA-vjmm-r9gg-425m" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k5ku-5n57-w7e3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/358206?format=api", "vulnerability_id": "VCID-kegp-rnfw-83b4", "summary": "", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79509", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79509" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5544", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39023", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39196", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.3922", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39212", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5544" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243443", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243443" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/5fec728be9df3c9fc282cd0897c73ca5cfcfea5f", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/5fec728be9df3c9fc282cd0897c73ca5cfcfea5f" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=451585", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=451585" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5544", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5544" }, { "reference_url": "https://github.com/advisories/GHSA-j5xf-gv89-g422", "reference_id": "GHSA-j5xf-gv89-g422", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-j5xf-gv89-g422" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/381218?format=api", "purl": "pkg:composer/moodle/moodle@4.0.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.0.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/381217?format=api", "purl": "pkg:composer/moodle/moodle@4.1.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/381216?format=api", "purl": "pkg:composer/moodle/moodle@4.2.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/381033?format=api", "purl": "pkg:composer/moodle/moodle@4.3.0-rc2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.0-rc2" } ], "aliases": [ "CVE-2023-5544", "GHSA-j5xf-gv89-g422" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kegp-rnfw-83b4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/102972?format=api", "vulnerability_id": "VCID-kymv-5vap-7qf7", "summary": "An issue in Moodle’s timed assignment feature allowed students to bypass the time restriction, potentially giving them more time than allowed to complete an assessment.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-62401", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.1307", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12989", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.13085", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.13094", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-62401" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/78a3fe6c618676dfc53ea538abbfe35e60674eeb", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/78a3fe6c618676dfc53ea538abbfe35e60674eeb" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=470390", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=470390" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-62401", "reference_id": "CVE-2025-62401", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-23T14:38:17Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-62401" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62401", "reference_id": "CVE-2025-62401", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62401" }, { "reference_url": "https://github.com/advisories/GHSA-w29j-8phw-ffjf", "reference_id": "GHSA-w29j-8phw-ffjf", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-w29j-8phw-ffjf" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404434", "reference_id": "show_bug.cgi?id=2404434", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-23T14:38:17Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404434" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/34734?format=api", "purl": "pkg:composer/moodle/moodle@4.1.21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/34731?format=api", "purl": "pkg:composer/moodle/moodle@4.4.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/34729?format=api", "purl": "pkg:composer/moodle/moodle@4.5.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/34727?format=api", "purl": "pkg:composer/moodle/moodle@5.0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@5.0.3" } ], "aliases": [ "CVE-2025-62401", "GHSA-w29j-8phw-ffjf" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kymv-5vap-7qf7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31474?format=api", "vulnerability_id": "VCID-meau-pbrc-5ffv", "summary": "A flaw was found in Moodle. Additional restrictions are required to avoid a remote code execution risk in calculated question types. Note: This requires the capability to add/update questions.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-82576", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-82576" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-43425", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.88917", "scoring_system": "epss", "scoring_elements": "0.99543", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.88917", "scoring_system": "epss", "scoring_elements": "0.99544", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-43425" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43425", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43425" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52350.py", "reference_id": "CVE-2024-43425", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52350.py" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=461193", "reference_id": "discuss.php?d=461193", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-07T14:41:20Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=461193" }, { "reference_url": "https://github.com/advisories/GHSA-v6f4-v8h8-3c87", "reference_id": "GHSA-v6f4-v8h8-3c87", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-v6f4-v8h8-3c87" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304253", "reference_id": "show_bug.cgi?id=2304253", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-07T14:41:20Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304253" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372779?format=api", "purl": "pkg:composer/moodle/moodle@4.1.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/372778?format=api", "purl": "pkg:composer/moodle/moodle@4.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/372777?format=api", "purl": "pkg:composer/moodle/moodle@4.3.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/372776?format=api", "purl": "pkg:composer/moodle/moodle@4.4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndsq-chgj-4kcq" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-p6d8-jya8-vfe2" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.2" } ], "aliases": [ "CVE-2024-43425", "GHSA-v6f4-v8h8-3c87" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-meau-pbrc-5ffv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40150?format=api", "vulnerability_id": "VCID-mm87-9trq-ykca", "summary": "The Chat activity in Moodle 4.3.3 allows students to insert a potentially unwanted HTML A element or IMG element, or HTML content that leads to a performance degradation. NOTE: the vendor's Using_Chat page says \"If you know some HTML code, you can use it in your text to do things like insert images, play sounds or create different coloured and sized text.\" This page also says \"Chat is due to be removed from standard Moodle.\"", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-28593", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34181", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34363", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34359", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34383", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-28593" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28593", "reference_id": "CVE-2024-28593", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28593" }, { "reference_url": "https://gist.githubusercontent.com/minendie/4f23174687bc4d8eb7f727d9959b5399/raw/9ce573cebcce5521d9d6f826ab68f3780036b874/CVE-2024-28593.txt", "reference_id": "CVE-2024-28593.txt", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-25T16:47:10Z/" } ], "url": "https://gist.githubusercontent.com/minendie/4f23174687bc4d8eb7f727d9959b5399/raw/9ce573cebcce5521d9d6f826ab68f3780036b874/CVE-2024-28593.txt" }, { "reference_url": "https://github.com/advisories/GHSA-f6mh-79vh-2hv7", "reference_id": "GHSA-f6mh-79vh-2hv7", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-f6mh-79vh-2hv7" }, { "reference_url": "https://medium.com/%40lamscun/how-do-i-change-htmli-from-low-to-critical-your-email-box-is-safe-e7171efd88fe", "reference_id": "how-do-i-change-htmli-from-low-to-critical-your-email-box-is-safe-e7171efd88fe", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-25T16:47:10Z/" } ], "url": "https://medium.com/%40lamscun/how-do-i-change-htmli-from-low-to-critical-your-email-box-is-safe-e7171efd88fe" }, { "reference_url": "https://docs.moodle.org/403/en/Using_Chat", "reference_id": "Using_Chat", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-25T16:47:10Z/" } ], "url": "https://docs.moodle.org/403/en/Using_Chat" } ], "fixed_packages": [], "aliases": [ "CVE-2024-28593", "GHSA-f6mh-79vh-2hv7" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mm87-9trq-ykca" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/32291?format=api", "vulnerability_id": "VCID-mnm9-ngbe-c3ad", "summary": "Insufficient checks in a web service made it possible to add comments to the comments block on another user's dashboard when it was not otherwise available (e.g., on their profile page).", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-25983", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00241", "scoring_system": "epss", "scoring_elements": "0.47741", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00241", "scoring_system": "epss", "scoring_elements": "0.47605", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00241", "scoring_system": "epss", "scoring_elements": "0.47745", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00241", "scoring_system": "epss", "scoring_elements": "0.47761", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-25983" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/4cae44dd0e9a7da47d08d9b75e0ebba0e4b422f4", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/4cae44dd0e9a7da47d08d9b75e0ebba0e4b422f4" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25983", "reference_id": "CVE-2024-25983", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25983" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=455641", "reference_id": "discuss.php?d=455641", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T18:32:00Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=455641" }, { "reference_url": "https://github.com/advisories/GHSA-9r26-5w88-qhp9", "reference_id": "GHSA-9r26-5w88-qhp9", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9r26-5w88-qhp9" }, { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-78300", "reference_id": "gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-78300", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T18:32:00Z/" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-78300" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB/", "reference_id": "KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T18:32:00Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264099", "reference_id": "show_bug.cgi?id=2264099", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T18:32:00Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264099" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/29108?format=api", "purl": "pkg:composer/moodle/moodle@4.1.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/29107?format=api", "purl": "pkg:composer/moodle/moodle@4.2.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/29106?format=api", "purl": "pkg:composer/moodle/moodle@4.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-2ua4-y1mx-t7f4" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-396x-a5g1-p3a1" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8evy-5d1w-3fbm" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-tvbe-wwjn-jkby" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.3" } ], "aliases": [ "CVE-2024-25983", "GHSA-9r26-5w88-qhp9" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mnm9-ngbe-c3ad" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/32375?format=api", "vulnerability_id": "VCID-mtan-pjt6-1bca", "summary": "Insufficient file size checks resulted in a denial of service risk in the file picker's unzip functionality.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-25978", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.53106", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52979", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.53108", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.53123", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-25978" }, { "reference_url": "https://github.com/moodle/moodle/commit/9ba14233597480fb78c04d531050c090de4e60a2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/9ba14233597480fb78c04d531050c090de4e60a2" }, { "reference_url": "https://github.com/moodle/moodle/commit/a73e0ac76d77b67602f91bb211962813d60bc573", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/a73e0ac76d77b67602f91bb211962813d60bc573" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25978", "reference_id": "CVE-2024-25978", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25978" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=455634", "reference_id": "discuss.php?d=455634", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T17:09:44Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=455634" }, { "reference_url": "https://github.com/advisories/GHSA-487g-3m3v-hjhq", "reference_id": "GHSA-487g-3m3v-hjhq", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-487g-3m3v-hjhq" }, { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-74641", "reference_id": "gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-74641", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T17:09:44Z/" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-74641" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB/", "reference_id": "KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T17:09:44Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXGBYJ43BUEBUAQZU3DT5I5A3YLF47CB/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264074", "reference_id": "show_bug.cgi?id=2264074", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T17:09:44Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264074" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/29108?format=api", "purl": "pkg:composer/moodle/moodle@4.1.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/29107?format=api", "purl": "pkg:composer/moodle/moodle@4.2.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/29106?format=api", "purl": "pkg:composer/moodle/moodle@4.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-2ua4-y1mx-t7f4" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-396x-a5g1-p3a1" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8evy-5d1w-3fbm" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-tvbe-wwjn-jkby" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.3" } ], "aliases": [ "CVE-2024-25978", "GHSA-487g-3m3v-hjhq" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mtan-pjt6-1bca" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/127223?format=api", "vulnerability_id": "VCID-n5hx-mc7q-sua6", "summary": "A flaw was found in Moodle. The analysis request action in the Brickfield tool did not include the necessary token to prevent a Cross-site request forgery (CSRF) risk.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3638", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46725", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46584", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46729", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46739", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3638" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/91e6ad43ed2522f9c1c4094e565b5a7e5b348728", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/91e6ad43ed2522f9c1c4094e565b5a7e5b348728" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3638", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3638" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-3638", "reference_id": "CVE-2025-3638", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "1.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-25T15:51:01Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-3638" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=467600", "reference_id": "discuss.php?d=467600", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "1.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-25T15:51:01Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=467600" }, { "reference_url": "https://github.com/advisories/GHSA-m8qh-hx4c-h9hr", "reference_id": "GHSA-m8qh-hx4c-h9hr", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-m8qh-hx4c-h9hr" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359732", "reference_id": "show_bug.cgi?id=2359732", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "1.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-25T15:51:01Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359732" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376308?format=api", "purl": "pkg:composer/moodle/moodle@4.1.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/376309?format=api", "purl": "pkg:composer/moodle/moodle@4.3.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/376310?format=api", "purl": "pkg:composer/moodle/moodle@4.4.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/376311?format=api", "purl": "pkg:composer/moodle/moodle@4.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-dye9-hpdz-myc7" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-f275-awa8-53gp" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.4" } ], "aliases": [ "CVE-2025-3638", "GHSA-m8qh-hx4c-h9hr" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n5hx-mc7q-sua6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31792?format=api", "vulnerability_id": "VCID-ndgr-yj2x-tbcr", "summary": "To address a cache poisoning risk in Moodle, additional validation for local storage was required.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-81718", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "6.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-81718" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-43428", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18462", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18624", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.1862", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18642", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-43428" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "6.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43428", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "6.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43428" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=461196", "reference_id": "discuss.php?d=461196", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "6.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-07T14:41:01Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=461196" }, { "reference_url": "https://github.com/advisories/GHSA-2r9m-wg35-rfvc", "reference_id": "GHSA-2r9m-wg35-rfvc", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-2r9m-wg35-rfvc" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304256", "reference_id": "show_bug.cgi?id=2304256", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "6.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-07T14:41:01Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304256" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372779?format=api", "purl": "pkg:composer/moodle/moodle@4.1.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/372778?format=api", "purl": "pkg:composer/moodle/moodle@4.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/372777?format=api", "purl": "pkg:composer/moodle/moodle@4.3.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/372776?format=api", "purl": "pkg:composer/moodle/moodle@4.4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndsq-chgj-4kcq" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-p6d8-jya8-vfe2" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.2" } ], "aliases": [ "CVE-2024-43428", "GHSA-2r9m-wg35-rfvc" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "6.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ndgr-yj2x-tbcr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70854?format=api", "vulnerability_id": "VCID-nsvy-6gvu-wqe1", "summary": "A denial-of-service vulnerability was identified in Moodle’s TeX formula editor. When rendering TeX content using mimetex, insufficient execution time limits could allow specially crafted formulas to consume excessive server resources. An authenticated user could abuse this behavior to degrade performance or cause service interruption.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-26047", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26334", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26136", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26337", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26349", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-26047" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/8683b4a04939332e353cad1be51222930dc40b2c", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/8683b4a04939332e353cad1be51222930dc40b2c" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=473316", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=473316" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2026-26047", "reference_id": "CVE-2026-26047", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-23T19:29:50Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2026-26047" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26047", "reference_id": "CVE-2026-26047", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26047" }, { "reference_url": "https://github.com/advisories/GHSA-cg8j-5cr2-568q", "reference_id": "GHSA-cg8j-5cr2-568q", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-cg8j-5cr2-568q" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2440905", "reference_id": "show_bug.cgi?id=2440905", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-23T19:29:50Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2440905" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/39494?format=api", "purl": "pkg:composer/moodle/moodle@4.5.9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/39493?format=api", "purl": "pkg:composer/moodle/moodle@5.0.5", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@5.0.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/39495?format=api", "purl": "pkg:composer/moodle/moodle@5.1.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@5.1.2" } ], "aliases": [ "CVE-2026-26047", "GHSA-cg8j-5cr2-568q" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nsvy-6gvu-wqe1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37596?format=api", "vulnerability_id": "VCID-nw5a-bxbt-vbg5", "summary": "The cURL wrapper in Moodle retained the original request headers when following redirects, so HTTP authorization header information could be unintentionally sent in requests to redirect URLs.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-38275", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00759", "scoring_system": "epss", "scoring_elements": "0.73854", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00759", "scoring_system": "epss", "scoring_elements": "0.73853", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00759", "scoring_system": "epss", "scoring_elements": "0.73764", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00759", "scoring_system": "epss", "scoring_elements": "0.73839", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-38275" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/0df3c5837a592e6663c4d531ff6a1f776bc2f785", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/0df3c5837a592e6663c4d531ff6a1f776bc2f785" }, { "reference_url": "https://github.com/moodle/moodle/commit/3e38c84315a7991ce5ef5f241f5e873b5ca24f01", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/3e38c84315a7991ce5ef5f241f5e873b5ca24f01" }, { "reference_url": "https://github.com/moodle/moodle/commit/836b2c23a210317d130017d77bb64e3b510869a9", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/836b2c23a210317d130017d77bb64e3b510869a9" }, { "reference_url": "https://github.com/moodle/moodle/commit/f7988538b2208c55f2c40ce4f0815901dc88049b", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/f7988538b2208c55f2c40ce4f0815901dc88049b" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38275", "reference_id": "CVE-2024-38275", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38275" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=459500", "reference_id": "discuss.php?d=459500", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-02T13:36:09Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=459500" }, { "reference_url": "https://github.com/advisories/GHSA-p2cj-86v4-7782", "reference_id": "GHSA-p2cj-86v4-7782", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-p2cj-86v4-7782" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/32235?format=api", "purl": "pkg:composer/moodle/moodle@4.1.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/32234?format=api", "purl": "pkg:composer/moodle/moodle@4.2.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/32230?format=api", "purl": "pkg:composer/moodle/moodle@4.3.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-2ua4-y1mx-t7f4" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/32232?format=api", "purl": "pkg:composer/moodle/moodle@4.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-2ua4-y1mx-t7f4" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-ndsq-chgj-4kcq" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-p6d8-jya8-vfe2" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-q51n-px1r-tkh4" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.1" } ], "aliases": [ "CVE-2024-38275", "GHSA-p2cj-86v4-7782" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nw5a-bxbt-vbg5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/109302?format=api", "vulnerability_id": "VCID-nw7f-9kxh-dfer", "summary": "A flaw was found in Moodle. An authorization logic flaw, specifically due to incomplete role checks during the badge awarding process, allowed badges to be granted without proper verification. This could enable unauthorized users to obtain badges they are not entitled to, potentially leading to privilege escalation or unauthorized access to certain features.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-67856", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.06484", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.06494", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.06515", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.06504", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-67856" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/0d48779e61bcacbabbcb82858a037b567351fce0", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/0d48779e61bcacbabbcb82858a037b567351fce0" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=471306", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=471306" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-67856", "reference_id": "CVE-2025-67856", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T15:42:42Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-67856" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-67856", "reference_id": "CVE-2025-67856", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-67856" }, { "reference_url": "https://github.com/advisories/GHSA-hcm6-q6pc-xfhm", "reference_id": "GHSA-hcm6-q6pc-xfhm", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-hcm6-q6pc-xfhm" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423864", "reference_id": "show_bug.cgi?id=2423864", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-03T15:42:42Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423864" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/38121?format=api", "purl": "pkg:composer/moodle/moodle@4.1.22", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.22" }, { "url": "http://public2.vulnerablecode.io/api/packages/38126?format=api", "purl": "pkg:composer/moodle/moodle@4.4.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/38122?format=api", "purl": "pkg:composer/moodle/moodle@4.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/38128?format=api", "purl": "pkg:composer/moodle/moodle@5.0.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@5.0.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/38124?format=api", "purl": "pkg:composer/moodle/moodle@5.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@5.1.1" } ], "aliases": [ "CVE-2025-67856", "GHSA-hcm6-q6pc-xfhm" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nw7f-9kxh-dfer" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/102718?format=api", "vulnerability_id": "VCID-pg53-92qn-67f4", "summary": "Moodle exposed the names of hidden groups to users who had permission to create calendar events but not to view hidden groups. This could reveal private or restricted group information.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-62400", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18982", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18823", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18987", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.19005", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-62400" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/0c70d67059658879a71152ea075c74154a627d05", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/0c70d67059658879a71152ea075c74154a627d05" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=470389", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=470389" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-62400", "reference_id": "CVE-2025-62400", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-23T14:48:02Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-62400" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62400", "reference_id": "CVE-2025-62400", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62400" }, { "reference_url": "https://github.com/advisories/GHSA-422v-w6c5-vq42", "reference_id": "GHSA-422v-w6c5-vq42", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-422v-w6c5-vq42" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404433", "reference_id": "show_bug.cgi?id=2404433", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-23T14:48:02Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404433" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/34734?format=api", "purl": "pkg:composer/moodle/moodle@4.1.21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/34731?format=api", "purl": "pkg:composer/moodle/moodle@4.4.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/34729?format=api", "purl": "pkg:composer/moodle/moodle@4.5.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/34727?format=api", "purl": "pkg:composer/moodle/moodle@5.0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@5.0.3" } ], "aliases": [ "CVE-2025-62400", "GHSA-422v-w6c5-vq42" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pg53-92qn-67f4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49413?format=api", "vulnerability_id": "VCID-qm72-ebb5-67cr", "summary": "ID numbers displayed in the lesson overview report required additional sanitizing to prevent a stored XSS risk.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-81062", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-81062" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34000", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0028", "scoring_system": "epss", "scoring_elements": "0.51679", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0028", "scoring_system": "epss", "scoring_elements": "0.5182", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.0028", "scoring_system": "epss", "scoring_elements": "0.51805", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.0028", "scoring_system": "epss", "scoring_elements": "0.51808", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34000" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/4c966677de06bff56d46d55c419049f78e70f017", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/4c966677de06bff56d46d55c419049f78e70f017" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34000", "reference_id": "CVE-2024-34000", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34000" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=458388", "reference_id": "discuss.php?d=458388", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-07T16:24:48Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=458388" }, { "reference_url": "https://github.com/advisories/GHSA-8qwh-4vwv-7c5m", "reference_id": "GHSA-8qwh-4vwv-7c5m", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8qwh-4vwv-7c5m" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/31869?format=api", "purl": "pkg:composer/moodle/moodle@4.1.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/31870?format=api", "purl": "pkg:composer/moodle/moodle@4.2.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/31868?format=api", "purl": "pkg:composer/moodle/moodle@4.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-2ua4-y1mx-t7f4" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.4" } ], "aliases": [ "CVE-2024-34000", "GHSA-8qwh-4vwv-7c5m" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qm72-ebb5-67cr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31379?format=api", "vulnerability_id": "VCID-rdtm-s21h-87az", "summary": "A flaw was found in moodle. H5P error messages require additional sanitizing to prevent a reflected cross-site scripting (XSS) risk.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-43439", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0129", "scoring_system": "epss", "scoring_elements": "0.80072", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0129", "scoring_system": "epss", "scoring_elements": "0.80141", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.0129", "scoring_system": "epss", "scoring_elements": "0.8015", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.0129", "scoring_system": "epss", "scoring_elements": "0.80135", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-43439" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/c7d9026715a107ee16b9f9b2134ed4e6f667af99", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/c7d9026715a107ee16b9f9b2134ed4e6f667af99" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43439", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43439" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=461209", "reference_id": "discuss.php?d=461209", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-12T14:50:51Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=461209" }, { "reference_url": "https://github.com/advisories/GHSA-hjgc-jxjc-8v9j", "reference_id": "GHSA-hjgc-jxjc-8v9j", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-hjgc-jxjc-8v9j" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304268", "reference_id": "show_bug.cgi?id=2304268", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-12T14:50:51Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304268" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372779?format=api", "purl": "pkg:composer/moodle/moodle@4.1.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/372778?format=api", "purl": "pkg:composer/moodle/moodle@4.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/372777?format=api", "purl": "pkg:composer/moodle/moodle@4.3.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/372776?format=api", "purl": "pkg:composer/moodle/moodle@4.4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndsq-chgj-4kcq" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-p6d8-jya8-vfe2" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.2" } ], "aliases": [ "CVE-2024-43439", "GHSA-hjgc-jxjc-8v9j" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rdtm-s21h-87az" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/137991?format=api", "vulnerability_id": "VCID-s8bc-98ph-nbh5", "summary": "An issue in the logic used to check 0.0.0.0 against the cURL blocked hosts lists resulted in an SSRF risk. This flaw affects Moodle versions 4.2, 4.1 to 4.1.3, 4.0 to 4.0.8, 3.11 to 3.11.14, 3.9 to 3.9.21 and earlier unsupported versions.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-78215", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-78215" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-35133", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60538", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60645", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60654", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60643", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-35133" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7A72KX4WU6GK2CX4TKYFGFASPKOEOJFC", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7A72KX4WU6GK2CX4TKYFGFASPKOEOJFC" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5QAEAGJ44NVXLAJFJXKARKC45OGEDXT", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5QAEAGJ44NVXLAJFJXKARKC45OGEDXT" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7A72KX4WU6GK2CX4TKYFGFASPKOEOJFC", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7A72KX4WU6GK2CX4TKYFGFASPKOEOJFC" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7A72KX4WU6GK2CX4TKYFGFASPKOEOJFC/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7A72KX4WU6GK2CX4TKYFGFASPKOEOJFC/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I5QAEAGJ44NVXLAJFJXKARKC45OGEDXT", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I5QAEAGJ44NVXLAJFJXKARKC45OGEDXT" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I5QAEAGJ44NVXLAJFJXKARKC45OGEDXT/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I5QAEAGJ44NVXLAJFJXKARKC45OGEDXT/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-35133", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-35133" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7A72KX4WU6GK2CX4TKYFGFASPKOEOJFC/", "reference_id": "7A72KX4WU6GK2CX4TKYFGFASPKOEOJFC", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-04-19T20:51:45Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7A72KX4WU6GK2CX4TKYFGFASPKOEOJFC/" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=447831", "reference_id": "discuss.php?d=447831", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-04-19T20:51:45Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=447831" }, { "reference_url": "https://github.com/advisories/GHSA-xxp4-mf4h-6cwm", "reference_id": "GHSA-xxp4-mf4h-6cwm", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-xxp4-mf4h-6cwm" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5QAEAGJ44NVXLAJFJXKARKC45OGEDXT/", "reference_id": "I5QAEAGJ44NVXLAJFJXKARKC45OGEDXT", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-04-19T20:51:45Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5QAEAGJ44NVXLAJFJXKARKC45OGEDXT/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2214373", "reference_id": "show_bug.cgi?id=2214373", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-04-19T20:51:45Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2214373" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/381600?format=api", "purl": "pkg:composer/moodle/moodle@4.0.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-35xa-1mjs-a3au" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-59gr-d6p5-u7fv" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67af-4zk5-sfb2" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-6h6h-ny96-x7hu" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-9u8e-pp4p-nqht" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-g8bf-eeaa-hygf" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-gtz8-utju-qfah" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kegp-rnfw-83b4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-t8ha-9bhp-fbbq" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-u1ke-y4et-6ye8" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-uuqh-tq51-tbex" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wf3q-rpbt-pfg7" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.0.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/381599?format=api", "purl": "pkg:composer/moodle/moodle@4.1.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-35xa-1mjs-a3au" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-59gr-d6p5-u7fv" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67af-4zk5-sfb2" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-6h6h-ny96-x7hu" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-9u8e-pp4p-nqht" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-g8bf-eeaa-hygf" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-gtz8-utju-qfah" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kegp-rnfw-83b4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-t8ha-9bhp-fbbq" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-u1ke-y4et-6ye8" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-uuqh-tq51-tbex" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wf3q-rpbt-pfg7" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/381598?format=api", "purl": "pkg:composer/moodle/moodle@4.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-35xa-1mjs-a3au" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-59gr-d6p5-u7fv" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67af-4zk5-sfb2" }, { "vulnerability": "VCID-6h6h-ny96-x7hu" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-9u8e-pp4p-nqht" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-g8bf-eeaa-hygf" }, { "vulnerability": "VCID-gtz8-utju-qfah" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kegp-rnfw-83b4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-t8ha-9bhp-fbbq" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-u1ke-y4et-6ye8" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-uuqh-tq51-tbex" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-wf3q-rpbt-pfg7" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.1" } ], "aliases": [ "CVE-2023-35133", "GHSA-xxp4-mf4h-6cwm" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s8bc-98ph-nbh5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/127202?format=api", "vulnerability_id": "VCID-sja2-g5vp-tqev", "summary": "A flaw was found in Moodle. A remote code execution risk was identified in the Moodle LMS EQUELLA repository. By default, this was only available to teachers and managers on sites with the EQUELLA repository enabled.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3642", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00667", "scoring_system": "epss", "scoring_elements": "0.71841", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00667", "scoring_system": "epss", "scoring_elements": "0.71745", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00667", "scoring_system": "epss", "scoring_elements": "0.71831", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00667", "scoring_system": "epss", "scoring_elements": "0.71844", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3642" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/630fbf6230ee18d63ce69bea34173fb151b599da", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/630fbf6230ee18d63ce69bea34173fb151b599da" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3642", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3642" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-3642", "reference_id": "CVE-2025-3642", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-25T15:38:37Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-3642" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=467603", "reference_id": "discuss.php?d=467603", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-25T15:38:37Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=467603" }, { "reference_url": "https://github.com/advisories/GHSA-m367-445c-2xqr", "reference_id": "GHSA-m367-445c-2xqr", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-m367-445c-2xqr" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359738", "reference_id": "show_bug.cgi?id=2359738", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-25T15:38:37Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359738" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376308?format=api", "purl": "pkg:composer/moodle/moodle@4.1.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/376309?format=api", "purl": "pkg:composer/moodle/moodle@4.3.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/376310?format=api", "purl": "pkg:composer/moodle/moodle@4.4.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/376311?format=api", "purl": "pkg:composer/moodle/moodle@4.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-dye9-hpdz-myc7" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-f275-awa8-53gp" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.4" } ], "aliases": [ "CVE-2025-3642", "GHSA-m367-445c-2xqr" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sja2-g5vp-tqev" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/133596?format=api", "vulnerability_id": "VCID-t8ha-9bhp-fbbq", "summary": "H5P metadata automatically populated the author with the user's username, which could be sensitive information.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5545", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00277", "scoring_system": "epss", "scoring_elements": "0.51589", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00277", "scoring_system": "epss", "scoring_elements": "0.5146", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00277", "scoring_system": "epss", "scoring_elements": "0.51591", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00277", "scoring_system": "epss", "scoring_elements": "0.51603", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5545" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/100ac7c6467a7de2c05713a0a924984ff1593d53", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/100ac7c6467a7de2c05713a0a924984ff1593d53" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5545", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5545" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=451586", "reference_id": "discuss.php?d=451586", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T19:58:29Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=451586" }, { "reference_url": "https://github.com/advisories/GHSA-26fg-v32r-h663", "reference_id": "GHSA-26fg-v32r-h663", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-26fg-v32r-h663" }, { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-78820", "reference_id": "gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-78820", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T19:58:29Z/" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-78820" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243444", "reference_id": "show_bug.cgi?id=2243444", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T19:58:29Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243444" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/381218?format=api", "purl": "pkg:composer/moodle/moodle@4.0.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.0.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/381217?format=api", "purl": "pkg:composer/moodle/moodle@4.1.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/381216?format=api", "purl": "pkg:composer/moodle/moodle@4.2.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/381033?format=api", "purl": "pkg:composer/moodle/moodle@4.3.0-rc2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.0-rc2" } ], "aliases": [ "CVE-2023-5545", "GHSA-26fg-v32r-h663" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t8ha-9bhp-fbbq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/130703?format=api", "vulnerability_id": "VCID-tqj8-fuca-7bhh", "summary": "The vulnerability was found Moodle which exists due to insufficient limitations on the \"start page\" preference. A remote attacker can set that preference for another user. The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-23923", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00319", "scoring_system": "epss", "scoring_elements": "0.55542", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00319", "scoring_system": "epss", "scoring_elements": "0.55419", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00319", "scoring_system": "epss", "scoring_elements": "0.5554", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00319", "scoring_system": "epss", "scoring_elements": "0.55555", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-23923" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23923", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23923" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=443274#p1782023", "reference_id": "discuss.php?d=443274#p1782023", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-19T18:21:47Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=443274#p1782023" }, { "reference_url": "https://github.com/advisories/GHSA-32jc-9p58-p82x", "reference_id": "GHSA-32jc-9p58-p82x", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-32jc-9p58-p82x" }, { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-76862", "reference_id": "gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-76862", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-19T18:21:47Z/" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-76862" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2162549", "reference_id": "show_bug.cgi?id=2162549", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-19T18:21:47Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2162549" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/380387?format=api", "purl": "pkg:composer/moodle/moodle@4.0.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-35xa-1mjs-a3au" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-54uj-r3xh-m7ae" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-59gr-d6p5-u7fv" }, { "vulnerability": "VCID-5ben-6zhd-ruhj" }, { "vulnerability": "VCID-5fq8-66xt-2qfq" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67af-4zk5-sfb2" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-6h6h-ny96-x7hu" }, { "vulnerability": "VCID-6kc6-1dyn-gqft" }, { "vulnerability": "VCID-6nag-3wnp-tua2" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-9u8e-pp4p-nqht" }, { "vulnerability": "VCID-actu-ux4t-uyb1" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-f5ys-s8gt-5fcv" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-g8bf-eeaa-hygf" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-gtz8-utju-qfah" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kegp-rnfw-83b4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s8bc-98ph-nbh5" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-t8ha-9bhp-fbbq" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-u1ke-y4et-6ye8" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-uny7-p1qf-abgp" }, { "vulnerability": "VCID-uuqh-tq51-tbex" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wf3q-rpbt-pfg7" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wuku-wat6-d3bc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xm3s-de89-d3dr" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" }, { "vulnerability": "VCID-zvva-ksud-3fe5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.0.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/380388?format=api", "purl": "pkg:composer/moodle/moodle@4.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-35xa-1mjs-a3au" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-54uj-r3xh-m7ae" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-59gr-d6p5-u7fv" }, { "vulnerability": "VCID-5ben-6zhd-ruhj" }, { "vulnerability": "VCID-5fq8-66xt-2qfq" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67af-4zk5-sfb2" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-6h6h-ny96-x7hu" }, { "vulnerability": "VCID-6kc6-1dyn-gqft" }, { "vulnerability": "VCID-6nag-3wnp-tua2" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-9u8e-pp4p-nqht" }, { "vulnerability": "VCID-actu-ux4t-uyb1" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-dqmx-7x1r-qbf6" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-f5ys-s8gt-5fcv" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-g8bf-eeaa-hygf" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-gtz8-utju-qfah" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kegp-rnfw-83b4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s8bc-98ph-nbh5" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-t8ha-9bhp-fbbq" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-u1ke-y4et-6ye8" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-uny7-p1qf-abgp" }, { "vulnerability": "VCID-uuqh-tq51-tbex" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wf3q-rpbt-pfg7" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wuku-wat6-d3bc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xm3s-de89-d3dr" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-y8cf-vxgf-cudn" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" }, { "vulnerability": "VCID-zvva-ksud-3fe5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.1" } ], "aliases": [ "CVE-2023-23923", "GHSA-32jc-9p58-p82x" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tqj8-fuca-7bhh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/102951?format=api", "vulnerability_id": "VCID-tr6w-mqxr-vueh", "summary": "Moodle’s mobile and web service authentication endpoints did not sufficiently restrict repeated password attempts, making them susceptible to brute-force attacks.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-62399", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25369", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25169", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25367", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25384", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-62399" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/e4d02567c922c537086de9f59f063ca073552a3a", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/e4d02567c922c537086de9f59f063ca073552a3a" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=470388", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=470388" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-62399", "reference_id": "CVE-2025-62399", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-23T14:51:39Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-62399" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62399", "reference_id": "CVE-2025-62399", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62399" }, { "reference_url": "https://github.com/advisories/GHSA-m58f-9pvv-8mp2", "reference_id": "GHSA-m58f-9pvv-8mp2", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-m58f-9pvv-8mp2" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404432", "reference_id": "show_bug.cgi?id=2404432", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-23T14:51:39Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404432" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/34734?format=api", "purl": "pkg:composer/moodle/moodle@4.1.21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/34731?format=api", "purl": "pkg:composer/moodle/moodle@4.4.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/34729?format=api", "purl": "pkg:composer/moodle/moodle@4.5.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/34727?format=api", "purl": "pkg:composer/moodle/moodle@5.0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@5.0.3" } ], "aliases": [ "CVE-2025-62399", "GHSA-m58f-9pvv-8mp2" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tr6w-mqxr-vueh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/133812?format=api", "vulnerability_id": "VCID-u1ke-y4et-6ye8", "summary": "Separate Groups mode restrictions were not honoured in the forum summary report, which would display users from other groups.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5551", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22379", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22195", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22387", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22401", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5551" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/2bb6c551cf2e7be29857db35388911b8179394b0", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/2bb6c551cf2e7be29857db35388911b8179394b0" }, { "reference_url": "https://github.com/moodle/moodle/commit/6de45d2c9f7dd7b24210ab0310c296366a82986a", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/6de45d2c9f7dd7b24210ab0310c296366a82986a" }, { "reference_url": "https://github.com/moodle/moodle/commit/b91feb0b2328cdda2561d68b8dfe2a129190bc85", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/b91feb0b2328cdda2561d68b8dfe2a129190bc85" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5551", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5551" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=451592", "reference_id": "discuss.php?d=451592", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-04T13:23:28Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=451592" }, { "reference_url": "https://github.com/advisories/GHSA-jr83-8x65-xcr5", "reference_id": "GHSA-jr83-8x65-xcr5", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-jr83-8x65-xcr5" }, { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79310", "reference_id": "gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79310", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-04T13:23:28Z/" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79310" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243453", "reference_id": "show_bug.cgi?id=2243453", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-04T13:23:28Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243453" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/381218?format=api", "purl": "pkg:composer/moodle/moodle@4.0.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.0.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/381217?format=api", "purl": "pkg:composer/moodle/moodle@4.1.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/381216?format=api", "purl": "pkg:composer/moodle/moodle@4.2.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/381033?format=api", "purl": "pkg:composer/moodle/moodle@4.3.0-rc2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.0-rc2" } ], "aliases": [ "CVE-2023-5551", "GHSA-jr83-8x65-xcr5" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u1ke-y4et-6ye8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/101932?format=api", "vulnerability_id": "VCID-uc4c-cw57-tyfp", "summary": "The drag-and-drop onto image (ddimageortext) question type required additional sanitizing to prevent a stored XSS risk.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-26528", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00706", "scoring_system": "epss", "scoring_elements": "0.72697", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00706", "scoring_system": "epss", "scoring_elements": "0.72709", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00706", "scoring_system": "epss", "scoring_elements": "0.72619", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00706", "scoring_system": "epss", "scoring_elements": "0.72711", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-26528" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-26528", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-26528" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=466144", "reference_id": "discuss.php?d=466144", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-24T20:03:52Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=466144" }, { "reference_url": "https://github.com/advisories/GHSA-h697-w4ph-7pcx", "reference_id": "GHSA-h697-w4ph-7pcx", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-h697-w4ph-7pcx" }, { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-82896", "reference_id": "gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-82896", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-24T20:03:52Z/" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-82896" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377263?format=api", "purl": "pkg:composer/moodle/moodle@4.1.16", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.16" }, { "url": "http://public2.vulnerablecode.io/api/packages/377262?format=api", "purl": "pkg:composer/moodle/moodle@4.3.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/377261?format=api", "purl": "pkg:composer/moodle/moodle@4.4.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/377260?format=api", "purl": "pkg:composer/moodle/moodle@4.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-46sh-98bs-ybex" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-b959-r7ty-3fdj" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-dye9-hpdz-myc7" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-f275-awa8-53gp" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.2" } ], "aliases": [ "CVE-2025-26528", "GHSA-h697-w4ph-7pcx" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uc4c-cw57-tyfp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31588?format=api", "vulnerability_id": "VCID-ud6t-af1d-2yfh", "summary": "A flaw was found in moodle. When creating an export of site administration presets, some sensitive secrets and keys are not being excluded from the export, which could result in them unintentionally being leaked if the presets are shared with a third party.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79373", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "1.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79373" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-43427", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00632", "scoring_system": "epss", "scoring_elements": "0.70818", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00632", "scoring_system": "epss", "scoring_elements": "0.70908", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00632", "scoring_system": "epss", "scoring_elements": "0.70918", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00632", "scoring_system": "epss", "scoring_elements": "0.70921", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-43427" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "1.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43427", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "1.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43427" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=461195", "reference_id": "discuss.php?d=461195", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "1.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-12T15:02:44Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=461195" }, { "reference_url": "https://github.com/advisories/GHSA-vpq5-56jj-vf2m", "reference_id": "GHSA-vpq5-56jj-vf2m", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-vpq5-56jj-vf2m" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304255", "reference_id": "show_bug.cgi?id=2304255", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "1.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-12T15:02:44Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304255" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372779?format=api", "purl": "pkg:composer/moodle/moodle@4.1.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/372778?format=api", "purl": "pkg:composer/moodle/moodle@4.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/372777?format=api", "purl": "pkg:composer/moodle/moodle@4.3.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/372776?format=api", "purl": "pkg:composer/moodle/moodle@4.4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndsq-chgj-4kcq" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-p6d8-jya8-vfe2" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.2" } ], "aliases": [ "CVE-2024-43427", "GHSA-vpq5-56jj-vf2m" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ud6t-af1d-2yfh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/134574?format=api", "vulnerability_id": "VCID-uny7-p1qf-abgp", "summary": "The Mustache pix helper contained a potential Mustache injection risk if combined with user input (note: This did not appear to be implemented/exploitable anywhere in the core Moodle LMS).", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28333", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01058", "scoring_system": "epss", "scoring_elements": "0.78026", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01058", "scoring_system": "epss", "scoring_elements": "0.78102", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.01058", "scoring_system": "epss", "scoring_elements": "0.78107", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.01058", "scoring_system": "epss", "scoring_elements": "0.78094", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28333" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/128c0c21607a71f411611a0104b2a8c858dd6fca", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/128c0c21607a71f411611a0104b2a8c858dd6fca" }, { "reference_url": "https://git.moodle.org/gw?p=moodle.git;a=commitdiff;h=128c0c21607a71f411611a0104b2a8c858dd6fca", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.moodle.org/gw?p=moodle.git;a=commitdiff;h=128c0c21607a71f411611a0104b2a8c858dd6fca" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28333", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28333" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF/", "reference_id": "3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-04-22T19:17:41Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF/" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=445065", "reference_id": "discuss.php?d=445065", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-04-22T19:17:41Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=445065" }, { "reference_url": "https://github.com/advisories/GHSA-q2x3-2f9g-h559", "reference_id": "GHSA-q2x3-2f9g-h559", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-q2x3-2f9g-h559" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179422", "reference_id": "show_bug.cgi?id=2179422", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-04-22T19:17:41Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179422" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/380827?format=api", "purl": "pkg:composer/moodle/moodle@4.0.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-35xa-1mjs-a3au" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-54uj-r3xh-m7ae" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-59gr-d6p5-u7fv" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67af-4zk5-sfb2" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-6h6h-ny96-x7hu" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-9u8e-pp4p-nqht" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-f5ys-s8gt-5fcv" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-g8bf-eeaa-hygf" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-gtz8-utju-qfah" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kegp-rnfw-83b4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s8bc-98ph-nbh5" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-t8ha-9bhp-fbbq" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-u1ke-y4et-6ye8" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-uuqh-tq51-tbex" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wf3q-rpbt-pfg7" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xm3s-de89-d3dr" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.0.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/380826?format=api", "purl": "pkg:composer/moodle/moodle@4.1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-35xa-1mjs-a3au" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-54uj-r3xh-m7ae" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-59gr-d6p5-u7fv" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67af-4zk5-sfb2" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-6h6h-ny96-x7hu" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-9u8e-pp4p-nqht" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-f5ys-s8gt-5fcv" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-g8bf-eeaa-hygf" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-gtz8-utju-qfah" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kegp-rnfw-83b4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s8bc-98ph-nbh5" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-t8ha-9bhp-fbbq" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-u1ke-y4et-6ye8" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-uuqh-tq51-tbex" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wf3q-rpbt-pfg7" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xm3s-de89-d3dr" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-y8cf-vxgf-cudn" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.2" } ], "aliases": [ "CVE-2023-28333", "GHSA-q2x3-2f9g-h559" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uny7-p1qf-abgp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/133821?format=api", "vulnerability_id": "VCID-uuqh-tq51-tbex", "summary": "A remote code execution risk was identified in the Lesson activity. By default this was only available to teachers and managers.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5539", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.022", "scoring_system": "epss", "scoring_elements": "0.84838", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.022", "scoring_system": "epss", "scoring_elements": "0.84785", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.022", "scoring_system": "epss", "scoring_elements": "0.84837", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.022", "scoring_system": "epss", "scoring_elements": "0.84846", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5539" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/ba974a4add981743b5a37c5bcc4714c62f6052ce", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/ba974a4add981743b5a37c5bcc4714c62f6052ce" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5539", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5539" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=451580", "reference_id": "discuss.php?d=451580", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-03T18:23:49Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=451580" }, { "reference_url": "https://github.com/advisories/GHSA-3xxm-3g3c-w579", "reference_id": "GHSA-3xxm-3g3c-w579", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3xxm-3g3c-w579" }, { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79408", "reference_id": "gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79408", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-03T18:23:49Z/" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79408" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243352", "reference_id": "show_bug.cgi?id=2243352", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-03T18:23:49Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243352" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/381218?format=api", "purl": "pkg:composer/moodle/moodle@4.0.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.0.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/381217?format=api", "purl": "pkg:composer/moodle/moodle@4.1.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/381216?format=api", "purl": "pkg:composer/moodle/moodle@4.2.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/381033?format=api", "purl": "pkg:composer/moodle/moodle@4.3.0-rc2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.0-rc2" } ], "aliases": [ "CVE-2023-5539", "GHSA-3xxm-3g3c-w579" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uuqh-tq51-tbex" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31653?format=api", "vulnerability_id": "VCID-vbmp-pabj-r3es", "summary": "A flaw was found in Feedback. Bulk messaging in the activity's non-respondents report did not verify message recipients belonging to the set of users returned by the report.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-43438", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00287", "scoring_system": "epss", "scoring_elements": "0.52511", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00287", "scoring_system": "epss", "scoring_elements": "0.52632", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00287", "scoring_system": "epss", "scoring_elements": "0.5265", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00287", "scoring_system": "epss", "scoring_elements": "0.52638", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-43438" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43438", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43438" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=461208", "reference_id": "discuss.php?d=461208", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-07T14:40:31Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=461208" }, { "reference_url": "https://github.com/advisories/GHSA-p9cx-f595-h79h", "reference_id": "GHSA-p9cx-f595-h79h", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-p9cx-f595-h79h" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304267", "reference_id": "show_bug.cgi?id=2304267", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-07T14:40:31Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304267" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372779?format=api", "purl": "pkg:composer/moodle/moodle@4.1.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/372778?format=api", "purl": "pkg:composer/moodle/moodle@4.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/372777?format=api", "purl": "pkg:composer/moodle/moodle@4.3.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/372776?format=api", "purl": "pkg:composer/moodle/moodle@4.4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndsq-chgj-4kcq" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-p6d8-jya8-vfe2" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.2" } ], "aliases": [ "CVE-2024-43438", "GHSA-p9cx-f595-h79h" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vbmp-pabj-r3es" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31327?format=api", "vulnerability_id": "VCID-vfa1-gfnu-gqgb", "summary": "A flaw was found in moodle. Insufficient capability checks make it possible for users with access to restore glossaries in courses to restore them into the global site glossary.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-64984", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "2.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-64984" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-43435", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00529", "scoring_system": "epss", "scoring_elements": "0.67612", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00529", "scoring_system": "epss", "scoring_elements": "0.67701", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00529", "scoring_system": "epss", "scoring_elements": "0.67711", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00529", "scoring_system": "epss", "scoring_elements": "0.67714", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-43435" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "2.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43435", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "2.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43435" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=461205", "reference_id": "discuss.php?d=461205", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "2.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-12T14:57:03Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=461205" }, { "reference_url": "https://github.com/advisories/GHSA-4gq2-x5w4-7hp8", "reference_id": "GHSA-4gq2-x5w4-7hp8", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4gq2-x5w4-7hp8" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304263", "reference_id": "show_bug.cgi?id=2304263", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "2.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-12T14:57:03Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304263" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372779?format=api", "purl": "pkg:composer/moodle/moodle@4.1.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/372778?format=api", "purl": "pkg:composer/moodle/moodle@4.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/372777?format=api", "purl": "pkg:composer/moodle/moodle@4.3.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/372776?format=api", "purl": "pkg:composer/moodle/moodle@4.4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndsq-chgj-4kcq" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-p6d8-jya8-vfe2" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.2" } ], "aliases": [ "CVE-2024-43435", "GHSA-4gq2-x5w4-7hp8" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vfa1-gfnu-gqgb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49363?format=api", "vulnerability_id": "VCID-vtfd-afct-zkc5", "summary": "The site log report required additional encoding of event descriptions to ensure any HTML in the content is displayed in plaintext instead of being rendered.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-80585", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-80585" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34006", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00424", "scoring_system": "epss", "scoring_elements": "0.62611", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00424", "scoring_system": "epss", "scoring_elements": "0.62724", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00424", "scoring_system": "epss", "scoring_elements": "0.62719", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00424", "scoring_system": "epss", "scoring_elements": "0.62712", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34006" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/cd85e090f3feb06e6eff65d1499a67353d82d3cb", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/cd85e090f3feb06e6eff65d1499a67353d82d3cb" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34006", "reference_id": "CVE-2024-34006", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34006" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=458395", "reference_id": "discuss.php?d=458395", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-03T15:10:13Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=458395" }, { "reference_url": "https://github.com/advisories/GHSA-vvh5-7v3m-j3mj", "reference_id": "GHSA-vvh5-7v3m-j3mj", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-vvh5-7v3m-j3mj" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/31869?format=api", "purl": "pkg:composer/moodle/moodle@4.1.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/31870?format=api", "purl": "pkg:composer/moodle/moodle@4.2.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/31868?format=api", "purl": "pkg:composer/moodle/moodle@4.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-2ua4-y1mx-t7f4" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.4" } ], "aliases": [ "CVE-2024-34006", "GHSA-vvh5-7v3m-j3mj" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vtfd-afct-zkc5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31994?format=api", "vulnerability_id": "VCID-w2zm-rxx4-xqcy", "summary": "A vulnerability was found in Moodle. Insufficient capability checks made it possible to delete badges that a user does not have permission to access.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-43431", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00308", "scoring_system": "epss", "scoring_elements": "0.54421", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00308", "scoring_system": "epss", "scoring_elements": "0.54546", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00308", "scoring_system": "epss", "scoring_elements": "0.54562", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00308", "scoring_system": "epss", "scoring_elements": "0.54547", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-43431" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "6.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43431", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "6.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43431" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=461199", "reference_id": "discuss.php?d=461199", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "6.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-07T14:40:53Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=461199" }, { "reference_url": "https://github.com/advisories/GHSA-wwjf-gwrv-wh45", "reference_id": "GHSA-wwjf-gwrv-wh45", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-wwjf-gwrv-wh45" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304259", "reference_id": "show_bug.cgi?id=2304259", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "6.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-07T14:40:53Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304259" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372779?format=api", "purl": "pkg:composer/moodle/moodle@4.1.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/372778?format=api", "purl": "pkg:composer/moodle/moodle@4.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/372777?format=api", "purl": "pkg:composer/moodle/moodle@4.3.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/372776?format=api", "purl": "pkg:composer/moodle/moodle@4.4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndsq-chgj-4kcq" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-p6d8-jya8-vfe2" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.2" } ], "aliases": [ "CVE-2024-43431", "GHSA-wwjf-gwrv-wh45" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w2zm-rxx4-xqcy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49775?format=api", "vulnerability_id": "VCID-w5kh-x8en-yke7", "summary": "Actions in the admin management of analytics models did not include the necessary token to prevent a CSRF risk.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-81059", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-81059" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34008", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00361", "scoring_system": "epss", "scoring_elements": "0.58734", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00361", "scoring_system": "epss", "scoring_elements": "0.58619", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00361", "scoring_system": "epss", "scoring_elements": "0.58746", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00361", "scoring_system": "epss", "scoring_elements": "0.58731", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34008" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/498a766263743ee649f6874e440a94517a077e2e", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/498a766263743ee649f6874e440a94517a077e2e" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34008", "reference_id": "CVE-2024-34008", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34008" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=458397", "reference_id": "discuss.php?d=458397", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-05T19:22:27Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=458397" }, { "reference_url": "https://github.com/advisories/GHSA-68x5-4jg5-gjgg", "reference_id": "GHSA-68x5-4jg5-gjgg", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-68x5-4jg5-gjgg" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/31869?format=api", "purl": "pkg:composer/moodle/moodle@4.1.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/31870?format=api", "purl": "pkg:composer/moodle/moodle@4.2.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/31868?format=api", "purl": "pkg:composer/moodle/moodle@4.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-2ua4-y1mx-t7f4" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.4" } ], "aliases": [ "CVE-2024-34008", "GHSA-68x5-4jg5-gjgg" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w5kh-x8en-yke7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/101757?format=api", "vulnerability_id": "VCID-w84c-jzp6-zkee", "summary": "Additional checks were required to ensure trusttext is applied (when enabled) to glossary entries being restored.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-26532", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.57546", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.57551", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.5743", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00345", "scoring_system": "epss", "scoring_elements": "0.5756", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-26532" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-26532", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-26532" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=466149", "reference_id": "discuss.php?d=466149", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-25T14:19:04Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=466149" }, { "reference_url": "https://github.com/advisories/GHSA-cw24-f6fq-7j9v", "reference_id": "GHSA-cw24-f6fq-7j9v", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-cw24-f6fq-7j9v" }, { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-84003", "reference_id": "gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-84003", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-25T14:19:04Z/" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-84003" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377263?format=api", "purl": "pkg:composer/moodle/moodle@4.1.16", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.16" }, { "url": "http://public2.vulnerablecode.io/api/packages/377262?format=api", "purl": "pkg:composer/moodle/moodle@4.3.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/377261?format=api", "purl": "pkg:composer/moodle/moodle@4.4.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/377260?format=api", "purl": "pkg:composer/moodle/moodle@4.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-46sh-98bs-ybex" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-b959-r7ty-3fdj" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-dye9-hpdz-myc7" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-f275-awa8-53gp" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.2" } ], "aliases": [ "CVE-2025-26532", "GHSA-cw24-f6fq-7j9v" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w84c-jzp6-zkee" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/133352?format=api", "vulnerability_id": "VCID-wf3q-rpbt-pfg7", "summary": "The CSV grade import method contained an XSS risk for users importing the spreadsheet, if it contained unsafe content.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5541", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33964", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33784", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33963", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33986", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5541" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/f5f6ce375e37da902afb043c6b506129fc433233", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/f5f6ce375e37da902afb043c6b506129fc433233" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5541", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5541" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=451582", "reference_id": "discuss.php?d=451582", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T20:18:35Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=451582" }, { "reference_url": "https://github.com/advisories/GHSA-28gc-4qq5-8q26", "reference_id": "GHSA-28gc-4qq5-8q26", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-28gc-4qq5-8q26" }, { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79426", "reference_id": "gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79426", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T20:18:35Z/" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79426" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243437", "reference_id": "show_bug.cgi?id=2243437", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T20:18:35Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243437" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/381218?format=api", "purl": "pkg:composer/moodle/moodle@4.0.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.0.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/381217?format=api", "purl": "pkg:composer/moodle/moodle@4.1.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/381216?format=api", "purl": "pkg:composer/moodle/moodle@4.2.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/381033?format=api", "purl": "pkg:composer/moodle/moodle@4.3.0-rc2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.0-rc2" } ], "aliases": [ "CVE-2023-5541", "GHSA-28gc-4qq5-8q26" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wf3q-rpbt-pfg7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/101923?format=api", "vulnerability_id": "VCID-wsj3-x2v5-y7gc", "summary": "Separate Groups mode restrictions were not factored into permission \nchecks before allowing viewing or deletion of responses in Feedback \nactivities.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-26526", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00381", "scoring_system": "epss", "scoring_elements": "0.60035", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00381", "scoring_system": "epss", "scoring_elements": "0.60039", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00381", "scoring_system": "epss", "scoring_elements": "0.59927", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00381", "scoring_system": "epss", "scoring_elements": "0.60047", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-26526" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-26526", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-26526" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=466142", "reference_id": "discuss.php?d=466142", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-24T19:58:41Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=466142" }, { "reference_url": "https://github.com/advisories/GHSA-pxg4-xjp7-w9c5", "reference_id": "GHSA-pxg4-xjp7-w9c5", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-pxg4-xjp7-w9c5" }, { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79976", "reference_id": "gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79976", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-24T19:58:41Z/" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79976" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377263?format=api", "purl": "pkg:composer/moodle/moodle@4.1.16", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.16" }, { "url": "http://public2.vulnerablecode.io/api/packages/377262?format=api", "purl": "pkg:composer/moodle/moodle@4.3.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/377261?format=api", "purl": "pkg:composer/moodle/moodle@4.4.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/377260?format=api", "purl": "pkg:composer/moodle/moodle@4.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-46sh-98bs-ybex" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-b959-r7ty-3fdj" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-dye9-hpdz-myc7" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-f275-awa8-53gp" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.2" } ], "aliases": [ "CVE-2025-26526", "GHSA-pxg4-xjp7-w9c5" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wsj3-x2v5-y7gc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/134130?format=api", "vulnerability_id": "VCID-wuku-wat6-d3bc", "summary": "Insufficient sanitizing in backup resulted in an arbitrary file read risk. The capability to access this feature is only available to teachers, managers and admins by default.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28330", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01048", "scoring_system": "epss", "scoring_elements": "0.77934", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01048", "scoring_system": "epss", "scoring_elements": "0.7801", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.01048", "scoring_system": "epss", "scoring_elements": "0.78015", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.01048", "scoring_system": "epss", "scoring_elements": "0.78002", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28330" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/493205b6b280633bcbc49d2eaf4f61a52252c26c", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/493205b6b280633bcbc49d2eaf4f61a52252c26c" }, { "reference_url": "https://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-77204", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-77204" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28330", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28330" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF/", "reference_id": "3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-14T16:20:22Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF/" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=445062", "reference_id": "discuss.php?d=445062", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-14T16:20:22Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=445062" }, { "reference_url": "https://github.com/advisories/GHSA-56r9-72vx-q989", "reference_id": "GHSA-56r9-72vx-q989", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-56r9-72vx-q989" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179412", "reference_id": "show_bug.cgi?id=2179412", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-14T16:20:22Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179412" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/380827?format=api", "purl": "pkg:composer/moodle/moodle@4.0.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-35xa-1mjs-a3au" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-54uj-r3xh-m7ae" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-59gr-d6p5-u7fv" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67af-4zk5-sfb2" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-6h6h-ny96-x7hu" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-9u8e-pp4p-nqht" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-f5ys-s8gt-5fcv" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-g8bf-eeaa-hygf" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-gtz8-utju-qfah" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kegp-rnfw-83b4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s8bc-98ph-nbh5" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-t8ha-9bhp-fbbq" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-u1ke-y4et-6ye8" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-uuqh-tq51-tbex" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wf3q-rpbt-pfg7" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xm3s-de89-d3dr" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.0.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/380826?format=api", "purl": "pkg:composer/moodle/moodle@4.1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-35xa-1mjs-a3au" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-54uj-r3xh-m7ae" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-59gr-d6p5-u7fv" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67af-4zk5-sfb2" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-6h6h-ny96-x7hu" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-9u8e-pp4p-nqht" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-f5ys-s8gt-5fcv" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-g8bf-eeaa-hygf" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-gtz8-utju-qfah" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kegp-rnfw-83b4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s8bc-98ph-nbh5" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-t8ha-9bhp-fbbq" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-u1ke-y4et-6ye8" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-uuqh-tq51-tbex" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wf3q-rpbt-pfg7" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xm3s-de89-d3dr" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-y8cf-vxgf-cudn" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.2" } ], "aliases": [ "CVE-2023-28330", "GHSA-56r9-72vx-q989" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wuku-wat6-d3bc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49615?format=api", "vulnerability_id": "VCID-wupv-hcad-4yfs", "summary": "Actions in the admin preset tool did not include the necessary token to prevent a CSRF risk.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34001", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00323", "scoring_system": "epss", "scoring_elements": "0.55721", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00323", "scoring_system": "epss", "scoring_elements": "0.55843", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00323", "scoring_system": "epss", "scoring_elements": "0.55856", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00323", "scoring_system": "epss", "scoring_elements": "0.5584", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34001" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/03e93da556201291e4a345d353a06d08d5d04dd6", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/03e93da556201291e4a345d353a06d08d5d04dd6" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34001", "reference_id": "CVE-2024-34001", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34001" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=458389", "reference_id": "discuss.php?d=458389", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-01T13:12:28Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=458389" }, { "reference_url": "https://github.com/advisories/GHSA-gq9f-8rj4-w7jc", "reference_id": "GHSA-gq9f-8rj4-w7jc", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-gq9f-8rj4-w7jc" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/31869?format=api", "purl": "pkg:composer/moodle/moodle@4.1.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/31870?format=api", "purl": "pkg:composer/moodle/moodle@4.2.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/31868?format=api", "purl": "pkg:composer/moodle/moodle@4.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-2ua4-y1mx-t7f4" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.4" } ], "aliases": [ "CVE-2024-34001", "GHSA-gq9f-8rj4-w7jc" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wupv-hcad-4yfs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/126893?format=api", "vulnerability_id": "VCID-x3bb-7vq7-aqaa", "summary": "A security vulnerability was discovered in Moodle that allows anyone to duplicate existing tours without needing to log in due to a lack of protection against cross-site request forgery (CSRF) attacks.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3635", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.34764", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.34581", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.34758", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.34783", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3635" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/dbd723f81c07423d4082d54cd1d90b1b68c44379", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/dbd723f81c07423d4082d54cd1d90b1b68c44379" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=467597", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=467597" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3635", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3635" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-3635", "reference_id": "CVE-2025-3635", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:43:11Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-3635" }, { "reference_url": "https://github.com/advisories/GHSA-88xj-97gf-7wpq", "reference_id": "GHSA-88xj-97gf-7wpq", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-88xj-97gf-7wpq" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359709", "reference_id": "show_bug.cgi?id=2359709", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T15:43:11Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359709" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376308?format=api", "purl": "pkg:composer/moodle/moodle@4.1.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/376309?format=api", "purl": "pkg:composer/moodle/moodle@4.3.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/376310?format=api", "purl": "pkg:composer/moodle/moodle@4.4.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/376311?format=api", "purl": "pkg:composer/moodle/moodle@4.5.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-dye9-hpdz-myc7" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-f275-awa8-53gp" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.4" } ], "aliases": [ "CVE-2025-3635", "GHSA-88xj-97gf-7wpq" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x3bb-7vq7-aqaa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/108885?format=api", "vulnerability_id": "VCID-x9xg-ujre-3ub9", "summary": "A flaw was found in Moodle. This cross-site scripting (XSS) vulnerability, caused by improper sanitization of AI prompt responses, allows attackers to inject malicious HTML or script into web pages. When other users view these compromised pages, their sessions could be stolen, or the user interface could be manipulated.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-67849", "reference_id": "", "reference_type": "", "scores": [ { "value": "8e-05", "scoring_system": "epss", "scoring_elements": "0.00698", "published_at": "2026-06-14T12:55:00Z" }, { "value": "8e-05", "scoring_system": "epss", "scoring_elements": "0.00694", "published_at": "2026-06-11T12:55:00Z" }, { "value": "8e-05", "scoring_system": "epss", "scoring_elements": "0.00692", "published_at": "2026-06-12T12:55:00Z" }, { "value": "8e-05", "scoring_system": "epss", "scoring_elements": "0.00693", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-67849" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/a3063dcaa44dbe66e60a37cadb33bfadfe4feb03", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/a3063dcaa44dbe66e60a37cadb33bfadfe4feb03" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=471299", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=471299" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-67849", "reference_id": "CVE-2025-67849", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-04T04:55:50Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-67849" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-67849", "reference_id": "CVE-2025-67849", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-67849" }, { "reference_url": "https://github.com/advisories/GHSA-mhf6-pp52-8wqj", "reference_id": "GHSA-mhf6-pp52-8wqj", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-mhf6-pp52-8wqj" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423835", "reference_id": "show_bug.cgi?id=2423835", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-04T04:55:50Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423835" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/38121?format=api", "purl": "pkg:composer/moodle/moodle@4.1.22", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.22" }, { "url": "http://public2.vulnerablecode.io/api/packages/38126?format=api", "purl": "pkg:composer/moodle/moodle@4.4.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/38122?format=api", "purl": "pkg:composer/moodle/moodle@4.5.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/38128?format=api", "purl": "pkg:composer/moodle/moodle@5.0.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@5.0.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/38124?format=api", "purl": "pkg:composer/moodle/moodle@5.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@5.1.1" } ], "aliases": [ "CVE-2025-67849", "GHSA-mhf6-pp52-8wqj" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x9xg-ujre-3ub9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31807?format=api", "vulnerability_id": "VCID-xgmq-ybaw-ckae", "summary": "A flaw was found in moodle. A local file may include risks when restoring block backups.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-43440", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00334", "scoring_system": "epss", "scoring_elements": "0.56557", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00334", "scoring_system": "epss", "scoring_elements": "0.5668", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00334", "scoring_system": "epss", "scoring_elements": "0.56691", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00334", "scoring_system": "epss", "scoring_elements": "0.56676", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-43440" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43440", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43440" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=461210", "reference_id": "discuss.php?d=461210", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-07T14:23:21Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=461210" }, { "reference_url": "https://github.com/advisories/GHSA-qrqv-26gf-xgwh", "reference_id": "GHSA-qrqv-26gf-xgwh", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-qrqv-26gf-xgwh" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304269", "reference_id": "show_bug.cgi?id=2304269", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-07T14:23:21Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304269" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372779?format=api", "purl": "pkg:composer/moodle/moodle@4.1.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/372778?format=api", "purl": "pkg:composer/moodle/moodle@4.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/372777?format=api", "purl": "pkg:composer/moodle/moodle@4.3.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/372776?format=api", "purl": "pkg:composer/moodle/moodle@4.4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndsq-chgj-4kcq" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-p6d8-jya8-vfe2" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.2" } ], "aliases": [ "CVE-2024-43440", "GHSA-qrqv-26gf-xgwh" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xgmq-ybaw-ckae" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56382?format=api", "vulnerability_id": "VCID-xju1-g3ft-gyge", "summary": "A vulnerability was found in Moodle. Additional checks are required to ensure users can only access the schedule of a report if they have permission to edit that report.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-48901", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00229", "scoring_system": "epss", "scoring_elements": "0.46016", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00229", "scoring_system": "epss", "scoring_elements": "0.46009", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00229", "scoring_system": "epss", "scoring_elements": "0.45871", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00229", "scoring_system": "epss", "scoring_elements": "0.46023", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-48901" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-48901", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-48901" }, { "reference_url": "https://github.com/advisories/GHSA-mg54-p2wj-5ph7", "reference_id": "GHSA-mg54-p2wj-5ph7", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-mg54-p2wj-5ph7" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318817", "reference_id": "show_bug.cgi?id=2318817", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-18T14:55:25Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318817" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372790?format=api", "purl": "pkg:composer/moodle/moodle@4.1.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/372791?format=api", "purl": "pkg:composer/moodle/moodle@4.2.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/372792?format=api", "purl": "pkg:composer/moodle/moodle@4.3.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/372793?format=api", "purl": "pkg:composer/moodle/moodle@4.4.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.4" } ], "aliases": [ "CVE-2024-48901", "GHSA-mg54-p2wj-5ph7" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xju1-g3ft-gyge" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/102041?format=api", "vulnerability_id": "VCID-xkgj-r2v3-k3gt", "summary": "Insufficient sanitizing in the TeX notation filter resulted in an \narbitrary file read risk on sites where pdfTeX is available (such as \nthose with TeX Live installed).", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-26525", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00212", "scoring_system": "epss", "scoring_elements": "0.43981", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00212", "scoring_system": "epss", "scoring_elements": "0.43973", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00212", "scoring_system": "epss", "scoring_elements": "0.43993", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00212", "scoring_system": "epss", "scoring_elements": "0.43819", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-26525" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-26525", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-26525" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=466141", "reference_id": "discuss.php?d=466141", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-24T19:59:34Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=466141" }, { "reference_url": "https://github.com/advisories/GHSA-4hmr-39vp-xfrr", "reference_id": "GHSA-4hmr-39vp-xfrr", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4hmr-39vp-xfrr" }, { "reference_url": "https://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-84136", "reference_id": "gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-84136", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-24T19:59:34Z/" } ], "url": "https://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-84136" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377263?format=api", "purl": "pkg:composer/moodle/moodle@4.1.16", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.16" }, { "url": "http://public2.vulnerablecode.io/api/packages/377262?format=api", "purl": "pkg:composer/moodle/moodle@4.3.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/377261?format=api", "purl": "pkg:composer/moodle/moodle@4.4.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/377260?format=api", "purl": "pkg:composer/moodle/moodle@4.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-46sh-98bs-ybex" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-b959-r7ty-3fdj" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-dye9-hpdz-myc7" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-f275-awa8-53gp" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.2" } ], "aliases": [ "CVE-2025-26525", "GHSA-4hmr-39vp-xfrr" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xkgj-r2v3-k3gt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/137712?format=api", "vulnerability_id": "VCID-xm3s-de89-d3dr", "summary": "Content on the groups page required additional sanitizing to prevent an XSS risk. This flaw affects Moodle versions 4.2, 4.1 to 4.1.3, 4.0 to 4.0.8 and 3.11 to 3.11.14.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-76683", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-76683" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-35131", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00892", "scoring_system": "epss", "scoring_elements": "0.76016", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00892", "scoring_system": "epss", "scoring_elements": "0.76095", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00892", "scoring_system": "epss", "scoring_elements": "0.76101", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00892", "scoring_system": "epss", "scoring_elements": "0.76088", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-35131" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7A72KX4WU6GK2CX4TKYFGFASPKOEOJFC", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7A72KX4WU6GK2CX4TKYFGFASPKOEOJFC" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5QAEAGJ44NVXLAJFJXKARKC45OGEDXT", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5QAEAGJ44NVXLAJFJXKARKC45OGEDXT" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7A72KX4WU6GK2CX4TKYFGFASPKOEOJFC", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7A72KX4WU6GK2CX4TKYFGFASPKOEOJFC" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7A72KX4WU6GK2CX4TKYFGFASPKOEOJFC/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7A72KX4WU6GK2CX4TKYFGFASPKOEOJFC/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I5QAEAGJ44NVXLAJFJXKARKC45OGEDXT", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I5QAEAGJ44NVXLAJFJXKARKC45OGEDXT" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I5QAEAGJ44NVXLAJFJXKARKC45OGEDXT/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I5QAEAGJ44NVXLAJFJXKARKC45OGEDXT/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-35131", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-35131" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7A72KX4WU6GK2CX4TKYFGFASPKOEOJFC/", "reference_id": "7A72KX4WU6GK2CX4TKYFGFASPKOEOJFC", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T01:18:00Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7A72KX4WU6GK2CX4TKYFGFASPKOEOJFC/" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=447829", "reference_id": "discuss.php?d=447829", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T01:18:00Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=447829" }, { "reference_url": "https://github.com/advisories/GHSA-fwfj-8p36-rc64", "reference_id": "GHSA-fwfj-8p36-rc64", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fwfj-8p36-rc64" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5QAEAGJ44NVXLAJFJXKARKC45OGEDXT/", "reference_id": "I5QAEAGJ44NVXLAJFJXKARKC45OGEDXT", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T01:18:00Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5QAEAGJ44NVXLAJFJXKARKC45OGEDXT/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2214369", "reference_id": "show_bug.cgi?id=2214369", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T01:18:00Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2214369" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/381600?format=api", "purl": "pkg:composer/moodle/moodle@4.0.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-35xa-1mjs-a3au" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-59gr-d6p5-u7fv" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67af-4zk5-sfb2" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-6h6h-ny96-x7hu" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-9u8e-pp4p-nqht" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-g8bf-eeaa-hygf" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-gtz8-utju-qfah" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kegp-rnfw-83b4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-t8ha-9bhp-fbbq" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-u1ke-y4et-6ye8" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-uuqh-tq51-tbex" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wf3q-rpbt-pfg7" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.0.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/381599?format=api", "purl": "pkg:composer/moodle/moodle@4.1.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-35xa-1mjs-a3au" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-59gr-d6p5-u7fv" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67af-4zk5-sfb2" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-6h6h-ny96-x7hu" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-9u8e-pp4p-nqht" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-g8bf-eeaa-hygf" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-gtz8-utju-qfah" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kegp-rnfw-83b4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-t8ha-9bhp-fbbq" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-u1ke-y4et-6ye8" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-uuqh-tq51-tbex" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wf3q-rpbt-pfg7" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/381598?format=api", "purl": "pkg:composer/moodle/moodle@4.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-35xa-1mjs-a3au" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-59gr-d6p5-u7fv" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67af-4zk5-sfb2" }, { "vulnerability": "VCID-6h6h-ny96-x7hu" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-9u8e-pp4p-nqht" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-g8bf-eeaa-hygf" }, { "vulnerability": "VCID-gtz8-utju-qfah" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kegp-rnfw-83b4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-t8ha-9bhp-fbbq" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-u1ke-y4et-6ye8" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-uuqh-tq51-tbex" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-wf3q-rpbt-pfg7" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.1" } ], "aliases": [ "CVE-2023-35131", "GHSA-fwfj-8p36-rc64" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xm3s-de89-d3dr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49311?format=api", "vulnerability_id": "VCID-xzfd-upm6-6fa8", "summary": "In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user with both access to restore feedback modules and direct access to the web server outside of the Moodle webroot could execute a local file include.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-81135", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-81135" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34002", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63955", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63838", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63953", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.6394", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34002" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34002", "reference_id": "CVE-2024-34002", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34002" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=458390", "reference_id": "discuss.php?d=458390", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "7.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-12T17:56:11Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=458390" }, { "reference_url": "https://github.com/advisories/GHSA-mm9p-xwfm-3fqf", "reference_id": "GHSA-mm9p-xwfm-3fqf", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-mm9p-xwfm-3fqf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/31869?format=api", "purl": "pkg:composer/moodle/moodle@4.1.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/31870?format=api", "purl": "pkg:composer/moodle/moodle@4.2.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/31868?format=api", "purl": "pkg:composer/moodle/moodle@4.3.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-2ua4-y1mx-t7f4" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.4" } ], "aliases": [ "CVE-2024-34002", "GHSA-mm9p-xwfm-3fqf" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xzfd-upm6-6fa8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56384?format=api", "vulnerability_id": "VCID-zcea-b6q9-6fb9", "summary": "A vulnerability was found in Moodle. Users with access to delete audiences from reports could delete audiences from other reports that they do not have permission to delete from.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-48898", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00229", "scoring_system": "epss", "scoring_elements": "0.46016", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00229", "scoring_system": "epss", "scoring_elements": "0.46009", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00229", "scoring_system": "epss", "scoring_elements": "0.45871", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00229", "scoring_system": "epss", "scoring_elements": "0.46023", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-48898" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-48898", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-48898" }, { "reference_url": "https://github.com/advisories/GHSA-fjq9-452g-jg3q", "reference_id": "GHSA-fjq9-452g-jg3q", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fjq9-452g-jg3q" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318820", "reference_id": "show_bug.cgi?id=2318820", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-18T14:56:14Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318820" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372790?format=api", "purl": "pkg:composer/moodle/moodle@4.1.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/372791?format=api", "purl": "pkg:composer/moodle/moodle@4.2.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/372792?format=api", "purl": "pkg:composer/moodle/moodle@4.3.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/372793?format=api", "purl": "pkg:composer/moodle/moodle@4.4.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-jn27-7e3d-1uc6" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.4" } ], "aliases": [ "CVE-2024-48898", "GHSA-fjq9-452g-jg3q" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zcea-b6q9-6fb9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/101557?format=api", "vulnerability_id": "VCID-zkc5-3squ-puep", "summary": "Tags not expected to be visible to a user could still be discovered by them via the tag search page or in the tags block.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-26527", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.59014", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.59015", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.58902", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00365", "scoring_system": "epss", "scoring_elements": "0.59025", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-26527" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-26527", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-26527" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=466143", "reference_id": "discuss.php?d=466143", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-24T19:57:30Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=466143" }, { "reference_url": "https://github.com/advisories/GHSA-5r85-6h7f-rg3r", "reference_id": "GHSA-5r85-6h7f-rg3r", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5r85-6h7f-rg3r" }, { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-83941", "reference_id": "gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-83941", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-24T19:57:30Z/" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-83941" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377263?format=api", "purl": "pkg:composer/moodle/moodle@4.1.16", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.16" }, { "url": "http://public2.vulnerablecode.io/api/packages/377262?format=api", "purl": "pkg:composer/moodle/moodle@4.3.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1svf-1dtz-3qey" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.3.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/377261?format=api", "purl": "pkg:composer/moodle/moodle@4.4.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/377260?format=api", "purl": "pkg:composer/moodle/moodle@4.5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-46sh-98bs-ybex" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-b959-r7ty-3fdj" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-dye9-hpdz-myc7" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-f275-awa8-53gp" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-pv24-2amy-4yb9" }, { "vulnerability": "VCID-s97q-jcmh-ukdh" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-wr3n-bk11-a3bj" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.2" } ], "aliases": [ "CVE-2025-26527", "GHSA-5r85-6h7f-rg3r" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zkc5-3squ-puep" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/144517?format=api", "vulnerability_id": "VCID-zvva-ksud-3fe5", "summary": "The course participation report required additional checks to prevent roles being displayed which the user did not have access to view.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-1402", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66864", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66878", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66879", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66772", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-1402" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/f0a557bffbdb450648d0e4cedb391d14d8a0a253", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/f0a557bffbdb450648d0e4cedb391d14d8a0a253" }, { "reference_url": "https://git.moodle.org/gw?p=moodle.git;a=commitdiff;h=f0a557bffbdb450648d0e4cedb391d14d8a0a253", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.moodle.org/gw?p=moodle.git;a=commitdiff;h=f0a557bffbdb450648d0e4cedb391d14d8a0a253" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1402", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1402" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF/", "reference_id": "3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T13:36:31Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF/" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=445069", "reference_id": "discuss.php?d=445069", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T13:36:31Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=445069" }, { "reference_url": "https://github.com/advisories/GHSA-vj5p-fp42-774p", "reference_id": "GHSA-vj5p-fp42-774p", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-vj5p-fp42-774p" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179427", "reference_id": "show_bug.cgi?id=2179427", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-16T13:36:31Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179427" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/380827?format=api", "purl": "pkg:composer/moodle/moodle@4.0.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-35xa-1mjs-a3au" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-54uj-r3xh-m7ae" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-59gr-d6p5-u7fv" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67af-4zk5-sfb2" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-6h6h-ny96-x7hu" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-9u8e-pp4p-nqht" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-f5ys-s8gt-5fcv" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-g8bf-eeaa-hygf" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-gtz8-utju-qfah" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kegp-rnfw-83b4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s8bc-98ph-nbh5" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-t8ha-9bhp-fbbq" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-u1ke-y4et-6ye8" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-uuqh-tq51-tbex" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wf3q-rpbt-pfg7" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xm3s-de89-d3dr" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.0.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/380826?format=api", "purl": "pkg:composer/moodle/moodle@4.1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-35xa-1mjs-a3au" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-54uj-r3xh-m7ae" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-59gr-d6p5-u7fv" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67af-4zk5-sfb2" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-6h6h-ny96-x7hu" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-9u8e-pp4p-nqht" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-f5ys-s8gt-5fcv" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-g8bf-eeaa-hygf" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-gtz8-utju-qfah" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kegp-rnfw-83b4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s8bc-98ph-nbh5" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-t8ha-9bhp-fbbq" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-u1ke-y4et-6ye8" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-uuqh-tq51-tbex" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wf3q-rpbt-pfg7" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xm3s-de89-d3dr" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-y8cf-vxgf-cudn" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.1.2" } ], "aliases": [ "CVE-2023-1402", "GHSA-vj5p-fp42-774p" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zvva-ksud-3fe5" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/165742?format=api", "vulnerability_id": "VCID-2ugs-2j6t-xqa7", "summary": "The stored-XSS vulnerability was discovered in Moodle which exists due to insufficient sanitization of user-supplied data in several \"social\" user profile fields. An attacker could inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-45151", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00289", "scoring_system": "epss", "scoring_elements": "0.52668", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00289", "scoring_system": "epss", "scoring_elements": "0.52796", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00289", "scoring_system": "epss", "scoring_elements": "0.52794", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00289", "scoring_system": "epss", "scoring_elements": "0.52811", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-45151" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2DHYIIAUXUBHMBEDYU7TYNZXEN2W2SA2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2DHYIIAUXUBHMBEDYU7TYNZXEN2W2SA2" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/74SXNGA5RIWM7QNX7H3G7SYIQLP4UUGV", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/74SXNGA5RIWM7QNX7H3G7SYIQLP4UUGV" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NLRJB5JNKK3VVBLV3NH3RI7COEDAXSAB", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NLRJB5JNKK3VVBLV3NH3RI7COEDAXSAB" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2DHYIIAUXUBHMBEDYU7TYNZXEN2W2SA2/", "reference_id": "2DHYIIAUXUBHMBEDYU7TYNZXEN2W2SA2", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T19:28:44Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2DHYIIAUXUBHMBEDYU7TYNZXEN2W2SA2/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/74SXNGA5RIWM7QNX7H3G7SYIQLP4UUGV/", "reference_id": "74SXNGA5RIWM7QNX7H3G7SYIQLP4UUGV", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T19:28:44Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/74SXNGA5RIWM7QNX7H3G7SYIQLP4UUGV/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45151", "reference_id": "CVE-2022-45151", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45151" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=440771", "reference_id": "discuss.php?d=440771", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T19:28:44Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=440771" }, { "reference_url": "https://github.com/advisories/GHSA-xv72-6pgh-cjj8", "reference_id": "GHSA-xv72-6pgh-cjj8", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-xv72-6pgh-cjj8" }, { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-76131", "reference_id": "gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-76131", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T19:28:44Z/" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-76131" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NLRJB5JNKK3VVBLV3NH3RI7COEDAXSAB/", "reference_id": "NLRJB5JNKK3VVBLV3NH3RI7COEDAXSAB", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T19:28:44Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NLRJB5JNKK3VVBLV3NH3RI7COEDAXSAB/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142774", "reference_id": "show_bug.cgi?id=2142774", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T19:28:44Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142774" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/28042?format=api", "purl": "pkg:composer/moodle/moodle@3.11.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-2juf-km3t-dkdq" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-54uj-r3xh-m7ae" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-59gr-d6p5-u7fv" }, { "vulnerability": "VCID-5ben-6zhd-ruhj" }, { "vulnerability": "VCID-5fq8-66xt-2qfq" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67af-4zk5-sfb2" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-6kc6-1dyn-gqft" }, { "vulnerability": "VCID-6nag-3wnp-tua2" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8djk-7q86-hqck" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-9u8e-pp4p-nqht" }, { "vulnerability": "VCID-actu-ux4t-uyb1" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-f5ys-s8gt-5fcv" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-g8bf-eeaa-hygf" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-gtz8-utju-qfah" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kegp-rnfw-83b4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s8bc-98ph-nbh5" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-t8ha-9bhp-fbbq" }, { "vulnerability": "VCID-tqj8-fuca-7bhh" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-u1ke-y4et-6ye8" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-uny7-p1qf-abgp" }, { "vulnerability": "VCID-uuqh-tq51-tbex" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wf3q-rpbt-pfg7" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wuku-wat6-d3bc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xm3s-de89-d3dr" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" }, { "vulnerability": "VCID-zvva-ksud-3fe5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.11.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/28044?format=api", "purl": "pkg:composer/moodle/moodle@4.0.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-35xa-1mjs-a3au" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-54uj-r3xh-m7ae" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-59gr-d6p5-u7fv" }, { "vulnerability": "VCID-5ben-6zhd-ruhj" }, { "vulnerability": "VCID-5cgw-81c9-aqew" }, { "vulnerability": "VCID-5fq8-66xt-2qfq" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67af-4zk5-sfb2" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-6h6h-ny96-x7hu" }, { "vulnerability": "VCID-6kc6-1dyn-gqft" }, { "vulnerability": "VCID-6nag-3wnp-tua2" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8djk-7q86-hqck" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-9u8e-pp4p-nqht" }, { "vulnerability": "VCID-actu-ux4t-uyb1" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-f5ys-s8gt-5fcv" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-g8bf-eeaa-hygf" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-gtz8-utju-qfah" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kegp-rnfw-83b4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s8bc-98ph-nbh5" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-t8ha-9bhp-fbbq" }, { "vulnerability": "VCID-tqj8-fuca-7bhh" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-u1ke-y4et-6ye8" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-uny7-p1qf-abgp" }, { "vulnerability": "VCID-uuqh-tq51-tbex" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wf3q-rpbt-pfg7" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wuku-wat6-d3bc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xm3s-de89-d3dr" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" }, { "vulnerability": "VCID-zvva-ksud-3fe5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.0.5" } ], "aliases": [ "CVE-2022-45151", "GHSA-xv72-6pgh-cjj8" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2ugs-2j6t-xqa7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/166039?format=api", "vulnerability_id": "VCID-mxu2-9ukf-f7fe", "summary": "A reflected cross-site scripting vulnerability was discovered in Moodle. This flaw exists due to insufficient sanitization of user-supplied data in policy tool. An attacker can trick the victim to open a specially crafted link that executes an arbitrary HTML and script code in user's browser in context of vulnerable website. This vulnerability may allow an attacker to perform cross-site scripting (XSS) attacks to gain access potentially sensitive information and modification of web pages.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-45150", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00712", "scoring_system": "epss", "scoring_elements": "0.72735", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00712", "scoring_system": "epss", "scoring_elements": "0.72811", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00712", "scoring_system": "epss", "scoring_elements": "0.72824", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00712", "scoring_system": "epss", "scoring_elements": "0.72826", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-45150" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2DHYIIAUXUBHMBEDYU7TYNZXEN2W2SA2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2DHYIIAUXUBHMBEDYU7TYNZXEN2W2SA2" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/74SXNGA5RIWM7QNX7H3G7SYIQLP4UUGV", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/74SXNGA5RIWM7QNX7H3G7SYIQLP4UUGV" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NLRJB5JNKK3VVBLV3NH3RI7COEDAXSAB", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NLRJB5JNKK3VVBLV3NH3RI7COEDAXSAB" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2DHYIIAUXUBHMBEDYU7TYNZXEN2W2SA2/", "reference_id": "2DHYIIAUXUBHMBEDYU7TYNZXEN2W2SA2", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T19:29:16Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2DHYIIAUXUBHMBEDYU7TYNZXEN2W2SA2/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/74SXNGA5RIWM7QNX7H3G7SYIQLP4UUGV/", "reference_id": "74SXNGA5RIWM7QNX7H3G7SYIQLP4UUGV", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T19:29:16Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/74SXNGA5RIWM7QNX7H3G7SYIQLP4UUGV/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45150", "reference_id": "CVE-2022-45150", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45150" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=440770", "reference_id": "discuss.php?d=440770", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T19:29:16Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=440770" }, { "reference_url": "https://github.com/advisories/GHSA-6gx2-g773-hv9h", "reference_id": "GHSA-6gx2-g773-hv9h", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6gx2-g773-hv9h" }, { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-76091", "reference_id": "gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-76091", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T19:29:16Z/" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-76091" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NLRJB5JNKK3VVBLV3NH3RI7COEDAXSAB/", "reference_id": "NLRJB5JNKK3VVBLV3NH3RI7COEDAXSAB", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T19:29:16Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NLRJB5JNKK3VVBLV3NH3RI7COEDAXSAB/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142773", "reference_id": "show_bug.cgi?id=2142773", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T19:29:16Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142773" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/28043?format=api", "purl": "pkg:composer/moodle/moodle@3.9.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-2juf-km3t-dkdq" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-54uj-r3xh-m7ae" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-59gr-d6p5-u7fv" }, { "vulnerability": "VCID-5ben-6zhd-ruhj" }, { "vulnerability": "VCID-5fq8-66xt-2qfq" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67af-4zk5-sfb2" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-6kc6-1dyn-gqft" }, { "vulnerability": "VCID-6nag-3wnp-tua2" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8djk-7q86-hqck" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9ahj-cq2p-uyhs" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-9u8e-pp4p-nqht" }, { "vulnerability": "VCID-actu-ux4t-uyb1" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-f5ys-s8gt-5fcv" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-g8bf-eeaa-hygf" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-gtz8-utju-qfah" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kegp-rnfw-83b4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s8bc-98ph-nbh5" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-t8ha-9bhp-fbbq" }, { "vulnerability": "VCID-tqj8-fuca-7bhh" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-u1ke-y4et-6ye8" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-uny7-p1qf-abgp" }, { "vulnerability": "VCID-uuqh-tq51-tbex" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wf3q-rpbt-pfg7" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wuku-wat6-d3bc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" }, { "vulnerability": "VCID-zvva-ksud-3fe5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/28042?format=api", "purl": "pkg:composer/moodle/moodle@3.11.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-2juf-km3t-dkdq" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-54uj-r3xh-m7ae" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-59gr-d6p5-u7fv" }, { "vulnerability": "VCID-5ben-6zhd-ruhj" }, { "vulnerability": "VCID-5fq8-66xt-2qfq" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67af-4zk5-sfb2" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-6kc6-1dyn-gqft" }, { "vulnerability": "VCID-6nag-3wnp-tua2" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8djk-7q86-hqck" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-9u8e-pp4p-nqht" }, { "vulnerability": "VCID-actu-ux4t-uyb1" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-f5ys-s8gt-5fcv" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-g8bf-eeaa-hygf" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-gtz8-utju-qfah" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kegp-rnfw-83b4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s8bc-98ph-nbh5" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-t8ha-9bhp-fbbq" }, { "vulnerability": "VCID-tqj8-fuca-7bhh" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-u1ke-y4et-6ye8" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-uny7-p1qf-abgp" }, { "vulnerability": "VCID-uuqh-tq51-tbex" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wf3q-rpbt-pfg7" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wuku-wat6-d3bc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xm3s-de89-d3dr" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" }, { "vulnerability": "VCID-zvva-ksud-3fe5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.11.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/28044?format=api", "purl": "pkg:composer/moodle/moodle@4.0.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-35xa-1mjs-a3au" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-54uj-r3xh-m7ae" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-59gr-d6p5-u7fv" }, { "vulnerability": "VCID-5ben-6zhd-ruhj" }, { "vulnerability": "VCID-5cgw-81c9-aqew" }, { "vulnerability": "VCID-5fq8-66xt-2qfq" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67af-4zk5-sfb2" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-6h6h-ny96-x7hu" }, { "vulnerability": "VCID-6kc6-1dyn-gqft" }, { "vulnerability": "VCID-6nag-3wnp-tua2" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8djk-7q86-hqck" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-9u8e-pp4p-nqht" }, { "vulnerability": "VCID-actu-ux4t-uyb1" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-f5ys-s8gt-5fcv" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-g8bf-eeaa-hygf" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-gtz8-utju-qfah" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kegp-rnfw-83b4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s8bc-98ph-nbh5" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-t8ha-9bhp-fbbq" }, { "vulnerability": "VCID-tqj8-fuca-7bhh" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-u1ke-y4et-6ye8" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-uny7-p1qf-abgp" }, { "vulnerability": "VCID-uuqh-tq51-tbex" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wf3q-rpbt-pfg7" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wuku-wat6-d3bc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xm3s-de89-d3dr" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" }, { "vulnerability": "VCID-zvva-ksud-3fe5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.0.5" } ], "aliases": [ "CVE-2022-45150", "GHSA-6gx2-g773-hv9h" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mxu2-9ukf-f7fe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/166037?format=api", "vulnerability_id": "VCID-p5wx-tmn5-8qf4", "summary": "A blind Server-Side Request Forgery (SSRF) vulnerability was found in Moodle. This flaw exists due to insufficient validation of user-supplied input in LTI provider library. The library does not utilise Moodle's inbuilt cURL helper, which resulted in a blind SSRF risk. An attacker can send a specially crafted HTTP request and trick the application to initiate requests to arbitrary systems. This vulnerability allows a remote attacker to perform SSRF attacks.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-45152", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00398", "scoring_system": "epss", "scoring_elements": "0.6101", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00398", "scoring_system": "epss", "scoring_elements": "0.61115", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00398", "scoring_system": "epss", "scoring_elements": "0.61123", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00398", "scoring_system": "epss", "scoring_elements": "0.61124", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-45152" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2DHYIIAUXUBHMBEDYU7TYNZXEN2W2SA2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2DHYIIAUXUBHMBEDYU7TYNZXEN2W2SA2" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/74SXNGA5RIWM7QNX7H3G7SYIQLP4UUGV", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/74SXNGA5RIWM7QNX7H3G7SYIQLP4UUGV" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NLRJB5JNKK3VVBLV3NH3RI7COEDAXSAB", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NLRJB5JNKK3VVBLV3NH3RI7COEDAXSAB" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2DHYIIAUXUBHMBEDYU7TYNZXEN2W2SA2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2DHYIIAUXUBHMBEDYU7TYNZXEN2W2SA2" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/74SXNGA5RIWM7QNX7H3G7SYIQLP4UUGV", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/74SXNGA5RIWM7QNX7H3G7SYIQLP4UUGV" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NLRJB5JNKK3VVBLV3NH3RI7COEDAXSAB", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NLRJB5JNKK3VVBLV3NH3RI7COEDAXSAB" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2DHYIIAUXUBHMBEDYU7TYNZXEN2W2SA2/", "reference_id": "2DHYIIAUXUBHMBEDYU7TYNZXEN2W2SA2", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-29T14:22:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2DHYIIAUXUBHMBEDYU7TYNZXEN2W2SA2/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/74SXNGA5RIWM7QNX7H3G7SYIQLP4UUGV/", "reference_id": "74SXNGA5RIWM7QNX7H3G7SYIQLP4UUGV", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-29T14:22:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/74SXNGA5RIWM7QNX7H3G7SYIQLP4UUGV/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45152", "reference_id": "CVE-2022-45152", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45152" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=440772", "reference_id": "discuss.php?d=440772", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-29T14:22:05Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=440772" }, { "reference_url": "https://github.com/advisories/GHSA-xqcf-vgqc-pcmg", "reference_id": "GHSA-xqcf-vgqc-pcmg", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-xqcf-vgqc-pcmg" }, { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-71920", "reference_id": "gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-71920", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-29T14:22:05Z/" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-71920" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NLRJB5JNKK3VVBLV3NH3RI7COEDAXSAB/", "reference_id": "NLRJB5JNKK3VVBLV3NH3RI7COEDAXSAB", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-29T14:22:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NLRJB5JNKK3VVBLV3NH3RI7COEDAXSAB/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142775", "reference_id": "show_bug.cgi?id=2142775", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-29T14:22:05Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142775" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/28043?format=api", "purl": "pkg:composer/moodle/moodle@3.9.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-2juf-km3t-dkdq" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-54uj-r3xh-m7ae" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-59gr-d6p5-u7fv" }, { "vulnerability": "VCID-5ben-6zhd-ruhj" }, { "vulnerability": "VCID-5fq8-66xt-2qfq" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67af-4zk5-sfb2" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-6kc6-1dyn-gqft" }, { "vulnerability": "VCID-6nag-3wnp-tua2" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8djk-7q86-hqck" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9ahj-cq2p-uyhs" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-9u8e-pp4p-nqht" }, { "vulnerability": "VCID-actu-ux4t-uyb1" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-f5ys-s8gt-5fcv" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-g8bf-eeaa-hygf" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-gtz8-utju-qfah" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kegp-rnfw-83b4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s8bc-98ph-nbh5" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-t8ha-9bhp-fbbq" }, { "vulnerability": "VCID-tqj8-fuca-7bhh" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-u1ke-y4et-6ye8" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-uny7-p1qf-abgp" }, { "vulnerability": "VCID-uuqh-tq51-tbex" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wf3q-rpbt-pfg7" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wuku-wat6-d3bc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" }, { "vulnerability": "VCID-zvva-ksud-3fe5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/28042?format=api", "purl": "pkg:composer/moodle/moodle@3.11.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-2juf-km3t-dkdq" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-54uj-r3xh-m7ae" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-59gr-d6p5-u7fv" }, { "vulnerability": "VCID-5ben-6zhd-ruhj" }, { "vulnerability": "VCID-5fq8-66xt-2qfq" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67af-4zk5-sfb2" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-6kc6-1dyn-gqft" }, { "vulnerability": "VCID-6nag-3wnp-tua2" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8djk-7q86-hqck" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-9u8e-pp4p-nqht" }, { "vulnerability": "VCID-actu-ux4t-uyb1" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-f5ys-s8gt-5fcv" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-g8bf-eeaa-hygf" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-gtz8-utju-qfah" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kegp-rnfw-83b4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s8bc-98ph-nbh5" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-t8ha-9bhp-fbbq" }, { "vulnerability": "VCID-tqj8-fuca-7bhh" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-u1ke-y4et-6ye8" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-uny7-p1qf-abgp" }, { "vulnerability": "VCID-uuqh-tq51-tbex" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wf3q-rpbt-pfg7" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wuku-wat6-d3bc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xm3s-de89-d3dr" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" }, { "vulnerability": "VCID-zvva-ksud-3fe5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.11.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/28044?format=api", "purl": "pkg:composer/moodle/moodle@4.0.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-35xa-1mjs-a3au" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-54uj-r3xh-m7ae" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-59gr-d6p5-u7fv" }, { "vulnerability": "VCID-5ben-6zhd-ruhj" }, { "vulnerability": "VCID-5cgw-81c9-aqew" }, { "vulnerability": "VCID-5fq8-66xt-2qfq" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67af-4zk5-sfb2" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-6h6h-ny96-x7hu" }, { "vulnerability": "VCID-6kc6-1dyn-gqft" }, { "vulnerability": "VCID-6nag-3wnp-tua2" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8djk-7q86-hqck" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-9u8e-pp4p-nqht" }, { "vulnerability": "VCID-actu-ux4t-uyb1" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-f5ys-s8gt-5fcv" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-g8bf-eeaa-hygf" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-gtz8-utju-qfah" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kegp-rnfw-83b4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s8bc-98ph-nbh5" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-t8ha-9bhp-fbbq" }, { "vulnerability": "VCID-tqj8-fuca-7bhh" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-u1ke-y4et-6ye8" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-uny7-p1qf-abgp" }, { "vulnerability": "VCID-uuqh-tq51-tbex" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wf3q-rpbt-pfg7" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wuku-wat6-d3bc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xm3s-de89-d3dr" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" }, { "vulnerability": "VCID-zvva-ksud-3fe5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.0.5" } ], "aliases": [ "CVE-2022-45152", "GHSA-xqcf-vgqc-pcmg" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p5wx-tmn5-8qf4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/165850?format=api", "vulnerability_id": "VCID-yse5-3mf2-kyav", "summary": "A vulnerability was found in Moodle which exists due to insufficient validation of the HTTP request origin in course redirect URL. A user's CSRF token was unnecessarily included in the URL when being redirected to a course they have just restored. A remote attacker can trick the victim to visit a specially crafted web page and perform arbitrary actions on behalf of the victim on the vulnerable website. This flaw allows an attacker to perform cross-site request forgery attacks.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-45149", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.54009", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.54135", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.5414", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.54153", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-45149" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2DHYIIAUXUBHMBEDYU7TYNZXEN2W2SA2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2DHYIIAUXUBHMBEDYU7TYNZXEN2W2SA2" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2DHYIIAUXUBHMBEDYU7TYNZXEN2W2SA2/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2DHYIIAUXUBHMBEDYU7TYNZXEN2W2SA2/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/74SXNGA5RIWM7QNX7H3G7SYIQLP4UUGV", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/74SXNGA5RIWM7QNX7H3G7SYIQLP4UUGV" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/74SXNGA5RIWM7QNX7H3G7SYIQLP4UUGV/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/74SXNGA5RIWM7QNX7H3G7SYIQLP4UUGV/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NLRJB5JNKK3VVBLV3NH3RI7COEDAXSAB", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NLRJB5JNKK3VVBLV3NH3RI7COEDAXSAB" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NLRJB5JNKK3VVBLV3NH3RI7COEDAXSAB/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NLRJB5JNKK3VVBLV3NH3RI7COEDAXSAB/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2DHYIIAUXUBHMBEDYU7TYNZXEN2W2SA2/", "reference_id": "2DHYIIAUXUBHMBEDYU7TYNZXEN2W2SA2", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T19:37:37Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2DHYIIAUXUBHMBEDYU7TYNZXEN2W2SA2/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/74SXNGA5RIWM7QNX7H3G7SYIQLP4UUGV/", "reference_id": "74SXNGA5RIWM7QNX7H3G7SYIQLP4UUGV", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T19:37:37Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/74SXNGA5RIWM7QNX7H3G7SYIQLP4UUGV/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45149", "reference_id": "CVE-2022-45149", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45149" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=440769", "reference_id": "discuss.php?d=440769", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T19:37:37Z/" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=440769" }, { "reference_url": "https://github.com/advisories/GHSA-8v23-w4w5-w83c", "reference_id": "GHSA-8v23-w4w5-w83c", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8v23-w4w5-w83c" }, { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-75862", "reference_id": "gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-75862", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T19:37:37Z/" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-75862" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NLRJB5JNKK3VVBLV3NH3RI7COEDAXSAB/", "reference_id": "NLRJB5JNKK3VVBLV3NH3RI7COEDAXSAB", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T19:37:37Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NLRJB5JNKK3VVBLV3NH3RI7COEDAXSAB/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142772", "reference_id": "show_bug.cgi?id=2142772", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T19:37:37Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142772" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/28043?format=api", "purl": "pkg:composer/moodle/moodle@3.9.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-2juf-km3t-dkdq" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-54uj-r3xh-m7ae" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-59gr-d6p5-u7fv" }, { "vulnerability": "VCID-5ben-6zhd-ruhj" }, { "vulnerability": "VCID-5fq8-66xt-2qfq" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67af-4zk5-sfb2" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-6kc6-1dyn-gqft" }, { "vulnerability": "VCID-6nag-3wnp-tua2" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8djk-7q86-hqck" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9ahj-cq2p-uyhs" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-9u8e-pp4p-nqht" }, { "vulnerability": "VCID-actu-ux4t-uyb1" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-f5ys-s8gt-5fcv" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-g8bf-eeaa-hygf" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-gtz8-utju-qfah" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kegp-rnfw-83b4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s8bc-98ph-nbh5" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-t8ha-9bhp-fbbq" }, { "vulnerability": "VCID-tqj8-fuca-7bhh" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-u1ke-y4et-6ye8" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-uny7-p1qf-abgp" }, { "vulnerability": "VCID-uuqh-tq51-tbex" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wf3q-rpbt-pfg7" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wuku-wat6-d3bc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" }, { "vulnerability": "VCID-zvva-ksud-3fe5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/28042?format=api", "purl": "pkg:composer/moodle/moodle@3.11.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-2juf-km3t-dkdq" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-54uj-r3xh-m7ae" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-59gr-d6p5-u7fv" }, { "vulnerability": "VCID-5ben-6zhd-ruhj" }, { "vulnerability": "VCID-5fq8-66xt-2qfq" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67af-4zk5-sfb2" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-6kc6-1dyn-gqft" }, { "vulnerability": "VCID-6nag-3wnp-tua2" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8djk-7q86-hqck" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-9u8e-pp4p-nqht" }, { "vulnerability": "VCID-actu-ux4t-uyb1" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-f5ys-s8gt-5fcv" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-g8bf-eeaa-hygf" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-gtz8-utju-qfah" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kegp-rnfw-83b4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s8bc-98ph-nbh5" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-t8ha-9bhp-fbbq" }, { "vulnerability": "VCID-tqj8-fuca-7bhh" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-u1ke-y4et-6ye8" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-uny7-p1qf-abgp" }, { "vulnerability": "VCID-uuqh-tq51-tbex" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wf3q-rpbt-pfg7" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wuku-wat6-d3bc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xm3s-de89-d3dr" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" }, { "vulnerability": "VCID-zvva-ksud-3fe5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.11.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/28044?format=api", "purl": "pkg:composer/moodle/moodle@4.0.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24a4-k6sm-zfey" }, { "vulnerability": "VCID-352q-17as-77gz" }, { "vulnerability": "VCID-35xa-1mjs-a3au" }, { "vulnerability": "VCID-364m-hhsz-dfcs" }, { "vulnerability": "VCID-3dr4-hds3-ckbr" }, { "vulnerability": "VCID-3ee8-byud-7kab" }, { "vulnerability": "VCID-3s11-9e4p-pygy" }, { "vulnerability": "VCID-3v15-csmz-sfe9" }, { "vulnerability": "VCID-43r9-m1xz-5qge" }, { "vulnerability": "VCID-54uj-r3xh-m7ae" }, { "vulnerability": "VCID-575h-xhz7-augs" }, { "vulnerability": "VCID-57uf-tz1x-akdt" }, { "vulnerability": "VCID-59gr-d6p5-u7fv" }, { "vulnerability": "VCID-5ben-6zhd-ruhj" }, { "vulnerability": "VCID-5cgw-81c9-aqew" }, { "vulnerability": "VCID-5fq8-66xt-2qfq" }, { "vulnerability": "VCID-5uk3-pd1j-ykgr" }, { "vulnerability": "VCID-5zy2-a2hw-tuba" }, { "vulnerability": "VCID-67af-4zk5-sfb2" }, { "vulnerability": "VCID-67tn-z6kv-vybp" }, { "vulnerability": "VCID-6h6h-ny96-x7hu" }, { "vulnerability": "VCID-6kc6-1dyn-gqft" }, { "vulnerability": "VCID-6nag-3wnp-tua2" }, { "vulnerability": "VCID-7a6m-m4t2-5ydp" }, { "vulnerability": "VCID-7z7h-w68u-1bc7" }, { "vulnerability": "VCID-7zqn-5pyf-pyg9" }, { "vulnerability": "VCID-82cj-8rk2-kygn" }, { "vulnerability": "VCID-87yg-v5af-mfd4" }, { "vulnerability": "VCID-8djk-7q86-hqck" }, { "vulnerability": "VCID-8w1a-ft6h-g7bt" }, { "vulnerability": "VCID-8ydw-ymjw-4qhd" }, { "vulnerability": "VCID-95fs-szzk-c3h5" }, { "vulnerability": "VCID-9fr5-4a3g-pbga" }, { "vulnerability": "VCID-9szm-emq8-gfdf" }, { "vulnerability": "VCID-9u8e-pp4p-nqht" }, { "vulnerability": "VCID-actu-ux4t-uyb1" }, { "vulnerability": "VCID-b2xd-3ek1-27b9" }, { "vulnerability": "VCID-b53y-qvcd-9bc2" }, { "vulnerability": "VCID-b9r4-vfvf-r3cx" }, { "vulnerability": "VCID-bhnn-ae5z-53cm" }, { "vulnerability": "VCID-bjdy-pxgn-hkcx" }, { "vulnerability": "VCID-bn3p-ccnj-3ubw" }, { "vulnerability": "VCID-c6hn-kyf7-g3e4" }, { "vulnerability": "VCID-c7uy-k6wn-s3f9" }, { "vulnerability": "VCID-catf-58r7-87h5" }, { "vulnerability": "VCID-cnqj-gehg-xuhk" }, { "vulnerability": "VCID-cra3-6x3q-vkap" }, { "vulnerability": "VCID-e6pf-zcvz-mqfr" }, { "vulnerability": "VCID-eaej-5e2e-yfcr" }, { "vulnerability": "VCID-ebae-b6eb-s7fr" }, { "vulnerability": "VCID-epz3-rnb8-bybr" }, { "vulnerability": "VCID-ez7r-y64f-dbbx" }, { "vulnerability": "VCID-f5ys-s8gt-5fcv" }, { "vulnerability": "VCID-fsuz-rgpw-8qd4" }, { "vulnerability": "VCID-g8bf-eeaa-hygf" }, { "vulnerability": "VCID-gapa-a9xy-w3be" }, { "vulnerability": "VCID-gtz8-utju-qfah" }, { "vulnerability": "VCID-hh6z-2319-83g4" }, { "vulnerability": "VCID-j897-5zfk-rbhk" }, { "vulnerability": "VCID-j9sx-pf51-buhe" }, { "vulnerability": "VCID-jejy-353t-x3de" }, { "vulnerability": "VCID-jgqf-6s2h-vqd8" }, { "vulnerability": "VCID-k5ku-5n57-w7e3" }, { "vulnerability": "VCID-kegp-rnfw-83b4" }, { "vulnerability": "VCID-kymv-5vap-7qf7" }, { "vulnerability": "VCID-meau-pbrc-5ffv" }, { "vulnerability": "VCID-mm87-9trq-ykca" }, { "vulnerability": "VCID-mnm9-ngbe-c3ad" }, { "vulnerability": "VCID-mtan-pjt6-1bca" }, { "vulnerability": "VCID-n5hx-mc7q-sua6" }, { "vulnerability": "VCID-ndgr-yj2x-tbcr" }, { "vulnerability": "VCID-nsvy-6gvu-wqe1" }, { "vulnerability": "VCID-nw5a-bxbt-vbg5" }, { "vulnerability": "VCID-nw7f-9kxh-dfer" }, { "vulnerability": "VCID-pg53-92qn-67f4" }, { "vulnerability": "VCID-qm72-ebb5-67cr" }, { "vulnerability": "VCID-rdtm-s21h-87az" }, { "vulnerability": "VCID-s8bc-98ph-nbh5" }, { "vulnerability": "VCID-sja2-g5vp-tqev" }, { "vulnerability": "VCID-t8ha-9bhp-fbbq" }, { "vulnerability": "VCID-tqj8-fuca-7bhh" }, { "vulnerability": "VCID-tr6w-mqxr-vueh" }, { "vulnerability": "VCID-u1ke-y4et-6ye8" }, { "vulnerability": "VCID-uc4c-cw57-tyfp" }, { "vulnerability": "VCID-ud6t-af1d-2yfh" }, { "vulnerability": "VCID-uny7-p1qf-abgp" }, { "vulnerability": "VCID-uuqh-tq51-tbex" }, { "vulnerability": "VCID-vbmp-pabj-r3es" }, { "vulnerability": "VCID-vfa1-gfnu-gqgb" }, { "vulnerability": "VCID-vtfd-afct-zkc5" }, { "vulnerability": "VCID-w2zm-rxx4-xqcy" }, { "vulnerability": "VCID-w5kh-x8en-yke7" }, { "vulnerability": "VCID-w84c-jzp6-zkee" }, { "vulnerability": "VCID-wf3q-rpbt-pfg7" }, { "vulnerability": "VCID-wsj3-x2v5-y7gc" }, { "vulnerability": "VCID-wuku-wat6-d3bc" }, { "vulnerability": "VCID-wupv-hcad-4yfs" }, { "vulnerability": "VCID-x3bb-7vq7-aqaa" }, { "vulnerability": "VCID-x9xg-ujre-3ub9" }, { "vulnerability": "VCID-xgmq-ybaw-ckae" }, { "vulnerability": "VCID-xju1-g3ft-gyge" }, { "vulnerability": "VCID-xkgj-r2v3-k3gt" }, { "vulnerability": "VCID-xm3s-de89-d3dr" }, { "vulnerability": "VCID-xzfd-upm6-6fa8" }, { "vulnerability": "VCID-zcea-b6q9-6fb9" }, { "vulnerability": "VCID-zkc5-3squ-puep" }, { "vulnerability": "VCID-zvva-ksud-3fe5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.0.5" } ], "aliases": [ "CVE-2022-45149", "GHSA-8v23-w4w5-w83c" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yse5-3mf2-kyav" } ], "risk_score": "10.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.0.5" }