Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/moodle/moodle@4.2.0-beta
Typecomposer
Namespacemoodle
Namemoodle
Version4.2.0-beta
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version4.2.1
Latest_non_vulnerable_version5.1.2
Affected_by_vulnerabilities
0
url VCID-2h6c-6mgm-akc2
vulnerability_id VCID-2h6c-6mgm-akc2
summary 
Moodle vulnerable to brute-force password guesses
Moodle's mobile and web service authentication endpoints did not sufficiently restrict repeated password attempts, making them susceptible to brute-force attacks.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-62399
reference_id
reference_type
scores
0
value 0.00088
scoring_system epss
scoring_elements 0.25153
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-62399
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2404432
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2404432
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
url https://github.com/moodle/moodle
3
reference_url https://github.com/moodle/moodle/commit/e4d02567c922c537086de9f59f063ca073552a3a
reference_id
reference_type
scores
url https://github.com/moodle/moodle/commit/e4d02567c922c537086de9f59f063ca073552a3a
4
reference_url https://moodle.org/mod/forum/discuss.php?d=470388
reference_id
reference_type
scores
url https://moodle.org/mod/forum/discuss.php?d=470388
5
reference_url https://access.redhat.com/security/cve/CVE-2025-62399
reference_id CVE-2025-62399
reference_type
scores
url https://access.redhat.com/security/cve/CVE-2025-62399
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-62399
reference_id CVE-2025-62399
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2025-62399
7
reference_url https://github.com/advisories/GHSA-m58f-9pvv-8mp2
reference_id GHSA-m58f-9pvv-8mp2
reference_type
scores
url https://github.com/advisories/GHSA-m58f-9pvv-8mp2
fixed_packages
0
url pkg:composer/moodle/moodle@4.4.11
purl pkg:composer/moodle/moodle@4.4.11
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.11
1
url pkg:composer/moodle/moodle@4.5.7
purl pkg:composer/moodle/moodle@4.5.7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.7
2
url pkg:composer/moodle/moodle@5.0.3
purl pkg:composer/moodle/moodle@5.0.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@5.0.3
aliases CVE-2025-62399, GHSA-m58f-9pvv-8mp2
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2h6c-6mgm-akc2
1
url VCID-a6w6-penj-kuds
vulnerability_id VCID-a6w6-penj-kuds
summary 
Moodle has a time restriction bypass
An issue in Moodle's timed assignment feature allowed students to bypass the time restriction, potentially giving them more time than allowed to complete an assessment.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-62401
reference_id
reference_type
scores
0
value 0.00041
scoring_system epss
scoring_elements 0.12965
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-62401
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2404434
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2404434
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
url https://github.com/moodle/moodle
3
reference_url https://github.com/moodle/moodle/commit/78a3fe6c618676dfc53ea538abbfe35e60674eeb
reference_id
reference_type
scores
url https://github.com/moodle/moodle/commit/78a3fe6c618676dfc53ea538abbfe35e60674eeb
4
reference_url https://moodle.org/mod/forum/discuss.php?d=470390
reference_id
reference_type
scores
url https://moodle.org/mod/forum/discuss.php?d=470390
5
reference_url https://access.redhat.com/security/cve/CVE-2025-62401
reference_id CVE-2025-62401
reference_type
scores
url https://access.redhat.com/security/cve/CVE-2025-62401
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-62401
reference_id CVE-2025-62401
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2025-62401
7
reference_url https://github.com/advisories/GHSA-w29j-8phw-ffjf
reference_id GHSA-w29j-8phw-ffjf
reference_type
scores
url https://github.com/advisories/GHSA-w29j-8phw-ffjf
fixed_packages
0
url pkg:composer/moodle/moodle@4.4.11
purl pkg:composer/moodle/moodle@4.4.11
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.11
1
url pkg:composer/moodle/moodle@4.5.7
purl pkg:composer/moodle/moodle@4.5.7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.7
2
url pkg:composer/moodle/moodle@5.0.3
purl pkg:composer/moodle/moodle@5.0.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@5.0.3
aliases CVE-2025-62401, GHSA-w29j-8phw-ffjf
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a6w6-penj-kuds
2
url VCID-fcf4-tf5h-hfcr
vulnerability_id VCID-fcf4-tf5h-hfcr
summary Moodle exposed the names of hidden groups to users who had permission to create calendar events but not to view hidden groups. This could reveal private or restricted group information.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-62400
reference_id
reference_type
scores
0
value 0.00059
scoring_system epss
scoring_elements 0.18778
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-62400
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2404433
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2404433
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
url https://github.com/moodle/moodle
3
reference_url https://github.com/moodle/moodle/commit/0c70d67059658879a71152ea075c74154a627d05
reference_id
reference_type
scores
url https://github.com/moodle/moodle/commit/0c70d67059658879a71152ea075c74154a627d05
4
reference_url https://moodle.org/mod/forum/discuss.php?d=470389
reference_id
reference_type
scores
url https://moodle.org/mod/forum/discuss.php?d=470389
5
reference_url https://access.redhat.com/security/cve/CVE-2025-62400
reference_id CVE-2025-62400
reference_type
scores
url https://access.redhat.com/security/cve/CVE-2025-62400
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-62400
reference_id CVE-2025-62400
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2025-62400
7
reference_url https://github.com/advisories/GHSA-422v-w6c5-vq42
reference_id GHSA-422v-w6c5-vq42
reference_type
scores
url https://github.com/advisories/GHSA-422v-w6c5-vq42
fixed_packages
0
url pkg:composer/moodle/moodle@4.4.11
purl pkg:composer/moodle/moodle@4.4.11
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.11
1
url pkg:composer/moodle/moodle@4.5.7
purl pkg:composer/moodle/moodle@4.5.7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.7
2
url pkg:composer/moodle/moodle@5.0.3
purl pkg:composer/moodle/moodle@5.0.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@5.0.3
aliases CVE-2025-62400, GHSA-422v-w6c5-vq42
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fcf4-tf5h-hfcr
3
url VCID-zaff-9ezm-aba1
vulnerability_id VCID-zaff-9ezm-aba1
summary 
Moodle affected by a code injection vulnerability
A flaw was found in Moodle. An attacker with access to the restore interface could trigger server-side execution of arbitrary code. This is due to insufficient validation of restore input, which leads to unintended interpretation by core restore routines. Successful exploitation could result in a full compromise of the Moodle application.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-67847
reference_id
reference_type
scores
0
value 0.0003
scoring_system epss
scoring_elements 0.09069
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-67847
1
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
url https://github.com/moodle/moodle
2
reference_url https://moodle.org/mod/forum/discuss.php?d=471297#p1892199
reference_id
reference_type
scores
url https://moodle.org/mod/forum/discuss.php?d=471297#p1892199
3
reference_url https://access.redhat.com/security/cve/CVE-2025-67847
reference_id CVE-2025-67847
reference_type
scores
url https://access.redhat.com/security/cve/CVE-2025-67847
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-67847
reference_id CVE-2025-67847
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2025-67847
5
reference_url https://github.com/advisories/GHSA-xvmh-25jw-gmmm
reference_id GHSA-xvmh-25jw-gmmm
reference_type
scores
url https://github.com/advisories/GHSA-xvmh-25jw-gmmm
fixed_packages
0
url pkg:composer/moodle/moodle@4.4.12
purl pkg:composer/moodle/moodle@4.4.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.4.12
1
url pkg:composer/moodle/moodle@4.5.8
purl pkg:composer/moodle/moodle@4.5.8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.5.8
2
url pkg:composer/moodle/moodle@5.0.4
purl pkg:composer/moodle/moodle@5.0.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@5.0.4
3
url pkg:composer/moodle/moodle@5.1.1
purl pkg:composer/moodle/moodle@5.1.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@5.1.1
aliases CVE-2025-67847, GHSA-xvmh-25jw-gmmm
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zaff-9ezm-aba1
Fixing_vulnerabilities
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.2.0-beta