Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/77358?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/77358?format=api", "purl": "pkg:composer/moodle/moodle@3.5.12", "type": "composer", "namespace": "moodle", "name": "moodle", "version": "3.5.12", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "3.5.17", "latest_non_vulnerable_version": "5.1.2", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/53813?format=api", "vulnerability_id": "VCID-3cb4-wz6x-ckcd", "summary": "Improper Privilege Management\nIn moodle, insufficient capability checks could lead to users with the ability to course restore adding additional capabilities to roles within that course.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25699", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00344", "scoring_system": "epss", "scoring_elements": "0.57267", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25699" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1895425", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1895425" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/b8e1eec4c77c858de87fedf4e405e929539ea0c5", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/b8e1eec4c77c858de87fedf4e405e929539ea0c5" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4NNFCHPPHRJNJROIX6SYMHOC6HMKP3GU", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4NNFCHPPHRJNJROIX6SYMHOC6HMKP3GU" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B55KXBVAT45MDASJ3EK6VIGQOYGJ4NH6", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B55KXBVAT45MDASJ3EK6VIGQOYGJ4NH6" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=413936", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=413936" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25699", "reference_id": "CVE-2020-25699", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25699" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/79174?format=api", "purl": "pkg:composer/moodle/moodle@3.5.15", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bbj9-hpz3-xqhh" }, { "vulnerability": "VCID-dpd2-1sqc-qqfy" }, { "vulnerability": "VCID-gnez-ehgq-rfbr" }, { "vulnerability": "VCID-jcq6-btgz-fkf6" }, { "vulnerability": "VCID-mhm4-8kuk-t7b6" }, { "vulnerability": "VCID-mkfz-e1ft-2bcw" }, { "vulnerability": "VCID-mqde-66zm-qbbj" }, { "vulnerability": "VCID-nntc-dsz1-e3fp" }, { "vulnerability": "VCID-pgfa-bkaw-q7cq" }, { "vulnerability": "VCID-zwkk-zazw-6fgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.15" }, { "url": "http://public2.vulnerablecode.io/api/packages/79175?format=api", "purl": "pkg:composer/moodle/moodle@3.7.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-jcq6-btgz-fkf6" }, { "vulnerability": "VCID-zwkk-zazw-6fgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.7.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/79176?format=api", "purl": "pkg:composer/moodle/moodle@3.8.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bbj9-hpz3-xqhh" }, { "vulnerability": "VCID-dpd2-1sqc-qqfy" }, { "vulnerability": "VCID-gnez-ehgq-rfbr" }, { "vulnerability": "VCID-jcq6-btgz-fkf6" }, { "vulnerability": "VCID-mhm4-8kuk-t7b6" }, { "vulnerability": "VCID-mkfz-e1ft-2bcw" }, { "vulnerability": "VCID-mqde-66zm-qbbj" }, { "vulnerability": "VCID-nntc-dsz1-e3fp" }, { "vulnerability": "VCID-pgfa-bkaw-q7cq" }, { "vulnerability": "VCID-zwkk-zazw-6fgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.8.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/79177?format=api", "purl": "pkg:composer/moodle/moodle@3.9.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bbj9-hpz3-xqhh" }, { "vulnerability": "VCID-dpd2-1sqc-qqfy" }, { "vulnerability": "VCID-gnez-ehgq-rfbr" }, { "vulnerability": "VCID-jcq6-btgz-fkf6" }, { "vulnerability": "VCID-mhm4-8kuk-t7b6" }, { "vulnerability": "VCID-mkfz-e1ft-2bcw" }, { "vulnerability": "VCID-mqde-66zm-qbbj" }, { "vulnerability": "VCID-nntc-dsz1-e3fp" }, { "vulnerability": "VCID-pgfa-bkaw-q7cq" }, { "vulnerability": "VCID-zwkk-zazw-6fgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.3" } ], "aliases": [ "CVE-2020-25699", "GHSA-h77r-rp97-7rv4" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3cb4-wz6x-ckcd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/53809?format=api", "vulnerability_id": "VCID-42fa-qbft-rfff", "summary": "Improper Access Control\nUsers' enrollment capabilities were not being sufficiently checked in Moodle when they are restored into an existing course.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25698", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00701", "scoring_system": "epss", "scoring_elements": "0.72406", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25698" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1895419", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1895419" }, { "reference_url": "https://github.com/moodle/moodle/commit/c8ac07fb50fa92eee1d574823fbda09e1b309a63", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/c8ac07fb50fa92eee1d574823fbda09e1b309a63" }, { "reference_url": "https://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-67837", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-67837" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4NNFCHPPHRJNJROIX6SYMHOC6HMKP3GU", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4NNFCHPPHRJNJROIX6SYMHOC6HMKP3GU" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B55KXBVAT45MDASJ3EK6VIGQOYGJ4NH6", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B55KXBVAT45MDASJ3EK6VIGQOYGJ4NH6" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=413935", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=413935" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25698", "reference_id": "CVE-2020-25698", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25698" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/79174?format=api", "purl": "pkg:composer/moodle/moodle@3.5.15", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bbj9-hpz3-xqhh" }, { "vulnerability": "VCID-dpd2-1sqc-qqfy" }, { "vulnerability": "VCID-gnez-ehgq-rfbr" }, { "vulnerability": "VCID-jcq6-btgz-fkf6" }, { "vulnerability": "VCID-mhm4-8kuk-t7b6" }, { "vulnerability": "VCID-mkfz-e1ft-2bcw" }, { "vulnerability": "VCID-mqde-66zm-qbbj" }, { "vulnerability": "VCID-nntc-dsz1-e3fp" }, { "vulnerability": "VCID-pgfa-bkaw-q7cq" }, { "vulnerability": "VCID-zwkk-zazw-6fgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.15" }, { "url": "http://public2.vulnerablecode.io/api/packages/79175?format=api", "purl": "pkg:composer/moodle/moodle@3.7.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-jcq6-btgz-fkf6" }, { "vulnerability": "VCID-zwkk-zazw-6fgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.7.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/79176?format=api", "purl": "pkg:composer/moodle/moodle@3.8.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bbj9-hpz3-xqhh" }, { "vulnerability": "VCID-dpd2-1sqc-qqfy" }, { "vulnerability": "VCID-gnez-ehgq-rfbr" }, { "vulnerability": "VCID-jcq6-btgz-fkf6" }, { "vulnerability": "VCID-mhm4-8kuk-t7b6" }, { "vulnerability": "VCID-mkfz-e1ft-2bcw" }, { "vulnerability": "VCID-mqde-66zm-qbbj" }, { "vulnerability": "VCID-nntc-dsz1-e3fp" }, { "vulnerability": "VCID-pgfa-bkaw-q7cq" }, { "vulnerability": "VCID-zwkk-zazw-6fgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.8.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/79177?format=api", "purl": "pkg:composer/moodle/moodle@3.9.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bbj9-hpz3-xqhh" }, { "vulnerability": "VCID-dpd2-1sqc-qqfy" }, { "vulnerability": "VCID-gnez-ehgq-rfbr" }, { "vulnerability": "VCID-jcq6-btgz-fkf6" }, { "vulnerability": "VCID-mhm4-8kuk-t7b6" }, { "vulnerability": "VCID-mkfz-e1ft-2bcw" }, { "vulnerability": "VCID-mqde-66zm-qbbj" }, { "vulnerability": "VCID-nntc-dsz1-e3fp" }, { "vulnerability": "VCID-pgfa-bkaw-q7cq" }, { "vulnerability": "VCID-zwkk-zazw-6fgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.3" } ], "aliases": [ "CVE-2020-25698", "GHSA-vxhx-gmhm-623c" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-42fa-qbft-rfff" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/53858?format=api", "vulnerability_id": "VCID-56wj-4124-ryd2", "summary": "Improper Access Control\nA vulnerability was found in Moodle where users with \"Log in as\" capability in a course context (typically, course managers) may gain access to some site administration capabilities by \"logging in as\" a System manager.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25629", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00554", "scoring_system": "epss", "scoring_elements": "0.68448", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25629" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=410841", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=410841" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25629", "reference_id": "CVE-2020-25629", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25629" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/79170?format=api", "purl": "pkg:composer/moodle/moodle@3.5.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cb4-wz6x-ckcd" }, { "vulnerability": "VCID-42fa-qbft-rfff" }, { "vulnerability": "VCID-bbj9-hpz3-xqhh" }, { "vulnerability": "VCID-c1a1-z5m1-nfbc" }, { "vulnerability": "VCID-dpd2-1sqc-qqfy" }, { "vulnerability": "VCID-gnez-ehgq-rfbr" }, { "vulnerability": "VCID-jcq6-btgz-fkf6" }, { "vulnerability": "VCID-jcsq-3q5z-4kc6" }, { "vulnerability": "VCID-mhm4-8kuk-t7b6" }, { "vulnerability": "VCID-mkfz-e1ft-2bcw" }, { "vulnerability": "VCID-mqde-66zm-qbbj" }, { "vulnerability": "VCID-nntc-dsz1-e3fp" }, { "vulnerability": "VCID-pgfa-bkaw-q7cq" }, { "vulnerability": "VCID-zwkk-zazw-6fgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/79171?format=api", "purl": "pkg:composer/moodle/moodle@3.7.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cb4-wz6x-ckcd" }, { "vulnerability": "VCID-3uvf-6ztd-xkaf" }, { "vulnerability": "VCID-42fa-qbft-rfff" }, { "vulnerability": "VCID-c1a1-z5m1-nfbc" }, { "vulnerability": "VCID-jcq6-btgz-fkf6" }, { "vulnerability": "VCID-jcsq-3q5z-4kc6" }, { "vulnerability": "VCID-zwkk-zazw-6fgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.7.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/79172?format=api", "purl": "pkg:composer/moodle/moodle@3.8.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cb4-wz6x-ckcd" }, { "vulnerability": "VCID-3uvf-6ztd-xkaf" }, { "vulnerability": "VCID-42fa-qbft-rfff" }, { "vulnerability": "VCID-bbj9-hpz3-xqhh" }, { "vulnerability": "VCID-c1a1-z5m1-nfbc" }, { "vulnerability": "VCID-dpd2-1sqc-qqfy" }, { "vulnerability": "VCID-gnez-ehgq-rfbr" }, { "vulnerability": "VCID-jcq6-btgz-fkf6" }, { "vulnerability": "VCID-jcsq-3q5z-4kc6" }, { "vulnerability": "VCID-mhm4-8kuk-t7b6" }, { "vulnerability": "VCID-mkfz-e1ft-2bcw" }, { "vulnerability": "VCID-mqde-66zm-qbbj" }, { "vulnerability": "VCID-nntc-dsz1-e3fp" }, { "vulnerability": "VCID-pgfa-bkaw-q7cq" }, { "vulnerability": "VCID-zwkk-zazw-6fgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.8.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/79173?format=api", "purl": "pkg:composer/moodle/moodle@3.9.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cb4-wz6x-ckcd" }, { "vulnerability": "VCID-3uvf-6ztd-xkaf" }, { "vulnerability": "VCID-42fa-qbft-rfff" }, { "vulnerability": "VCID-bbj9-hpz3-xqhh" }, { "vulnerability": "VCID-c1a1-z5m1-nfbc" }, { "vulnerability": "VCID-dpd2-1sqc-qqfy" }, { "vulnerability": "VCID-gnez-ehgq-rfbr" }, { "vulnerability": "VCID-jcq6-btgz-fkf6" }, { "vulnerability": "VCID-jcsq-3q5z-4kc6" }, { "vulnerability": "VCID-mhm4-8kuk-t7b6" }, { "vulnerability": "VCID-mkfz-e1ft-2bcw" }, { "vulnerability": "VCID-mqde-66zm-qbbj" }, { "vulnerability": "VCID-nntc-dsz1-e3fp" }, { "vulnerability": "VCID-pgfa-bkaw-q7cq" }, { "vulnerability": "VCID-q8s7-ksru-8ygs" }, { "vulnerability": "VCID-zwkk-zazw-6fgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.2" } ], "aliases": [ "CVE-2020-25629", "GHSA-f5r8-7h4f-jr9x" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-56wj-4124-ryd2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/53862?format=api", "vulnerability_id": "VCID-6m19-4krm-2udd", "summary": "Uncontrolled Resource Consumption\nA vulnerability was found in Moodle where the decompressed size of zip files was not checked against available user quota before unzipping them, which could lead to a denial of service risk.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25630", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00497", "scoring_system": "epss", "scoring_elements": "0.66174", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25630" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=410842", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=410842" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25630", "reference_id": "CVE-2020-25630", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25630" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/79170?format=api", "purl": "pkg:composer/moodle/moodle@3.5.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cb4-wz6x-ckcd" }, { "vulnerability": "VCID-42fa-qbft-rfff" }, { "vulnerability": "VCID-bbj9-hpz3-xqhh" }, { "vulnerability": "VCID-c1a1-z5m1-nfbc" }, { "vulnerability": "VCID-dpd2-1sqc-qqfy" }, { "vulnerability": "VCID-gnez-ehgq-rfbr" }, { "vulnerability": "VCID-jcq6-btgz-fkf6" }, { "vulnerability": "VCID-jcsq-3q5z-4kc6" }, { "vulnerability": "VCID-mhm4-8kuk-t7b6" }, { "vulnerability": "VCID-mkfz-e1ft-2bcw" }, { "vulnerability": "VCID-mqde-66zm-qbbj" }, { "vulnerability": "VCID-nntc-dsz1-e3fp" }, { "vulnerability": "VCID-pgfa-bkaw-q7cq" }, { "vulnerability": "VCID-zwkk-zazw-6fgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/79171?format=api", "purl": "pkg:composer/moodle/moodle@3.7.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cb4-wz6x-ckcd" }, { "vulnerability": "VCID-3uvf-6ztd-xkaf" }, { "vulnerability": "VCID-42fa-qbft-rfff" }, { "vulnerability": "VCID-c1a1-z5m1-nfbc" }, { "vulnerability": "VCID-jcq6-btgz-fkf6" }, { "vulnerability": "VCID-jcsq-3q5z-4kc6" }, { "vulnerability": "VCID-zwkk-zazw-6fgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.7.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/79172?format=api", "purl": "pkg:composer/moodle/moodle@3.8.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cb4-wz6x-ckcd" }, { "vulnerability": "VCID-3uvf-6ztd-xkaf" }, { "vulnerability": "VCID-42fa-qbft-rfff" }, { "vulnerability": "VCID-bbj9-hpz3-xqhh" }, { "vulnerability": "VCID-c1a1-z5m1-nfbc" }, { "vulnerability": "VCID-dpd2-1sqc-qqfy" }, { "vulnerability": "VCID-gnez-ehgq-rfbr" }, { "vulnerability": "VCID-jcq6-btgz-fkf6" }, { "vulnerability": "VCID-jcsq-3q5z-4kc6" }, { "vulnerability": "VCID-mhm4-8kuk-t7b6" }, { "vulnerability": "VCID-mkfz-e1ft-2bcw" }, { "vulnerability": "VCID-mqde-66zm-qbbj" }, { "vulnerability": "VCID-nntc-dsz1-e3fp" }, { "vulnerability": "VCID-pgfa-bkaw-q7cq" }, { "vulnerability": "VCID-zwkk-zazw-6fgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.8.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/79173?format=api", "purl": "pkg:composer/moodle/moodle@3.9.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cb4-wz6x-ckcd" }, { "vulnerability": "VCID-3uvf-6ztd-xkaf" }, { "vulnerability": "VCID-42fa-qbft-rfff" }, { "vulnerability": "VCID-bbj9-hpz3-xqhh" }, { "vulnerability": "VCID-c1a1-z5m1-nfbc" }, { "vulnerability": "VCID-dpd2-1sqc-qqfy" }, { "vulnerability": "VCID-gnez-ehgq-rfbr" }, { "vulnerability": "VCID-jcq6-btgz-fkf6" }, { "vulnerability": "VCID-jcsq-3q5z-4kc6" }, { "vulnerability": "VCID-mhm4-8kuk-t7b6" }, { "vulnerability": "VCID-mkfz-e1ft-2bcw" }, { "vulnerability": "VCID-mqde-66zm-qbbj" }, { "vulnerability": "VCID-nntc-dsz1-e3fp" }, { "vulnerability": "VCID-pgfa-bkaw-q7cq" }, { "vulnerability": "VCID-q8s7-ksru-8ygs" }, { "vulnerability": "VCID-zwkk-zazw-6fgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.2" } ], "aliases": [ "CVE-2020-25630", "GHSA-66xp-28cq-mrf2" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6m19-4krm-2udd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/54192?format=api", "vulnerability_id": "VCID-bbj9-hpz3-xqhh", "summary": "Cross-site Scripting\nThe ID number user profile field required additional sanitizing to prevent a stored XSS risk in moodle", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20279", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00436", "scoring_system": "epss", "scoring_elements": "0.63334", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20279" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1939033", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1939033" }, { "reference_url": "https://github.com/moodle/moodle/commit/a7e0ba1e71205ccb0a73dedee414f1a167ee2ed7", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/a7e0ba1e71205ccb0a73dedee414f1a167ee2ed7" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AFSNJ7XHVTC52RSRX2GBQFF3VEEAY2MS", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AFSNJ7XHVTC52RSRX2GBQFF3VEEAY2MS" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFH5DDMU5TZ3JT4Q52WMRAHACA5MHIMT", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFH5DDMU5TZ3JT4Q52WMRAHACA5MHIMT" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=419650", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=419650" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20279", "reference_id": "CVE-2021-20279", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20279" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/79982?format=api", "purl": "pkg:composer/moodle/moodle@3.5.17", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.17" }, { "url": "http://public2.vulnerablecode.io/api/packages/59624?format=api", "purl": "pkg:composer/moodle/moodle@3.8.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-164m-humk-1fe3" }, { "vulnerability": "VCID-p3ge-1cqt-tufw" }, { "vulnerability": "VCID-u32t-89zc-v3gj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.8.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/79983?format=api", "purl": "pkg:composer/moodle/moodle@3.9.5", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/65140?format=api", "purl": "pkg:composer/moodle/moodle@3.10.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.2" } ], "aliases": [ "CVE-2021-20279", "GHSA-h7h6-fwpv-ggvx" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bbj9-hpz3-xqhh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/53811?format=api", "vulnerability_id": "VCID-c1a1-z5m1-nfbc", "summary": "Incorrect Authorization\nIf the upload course tool in Moodle was used to delete an enrollment method which did not exist or was not already enabled, the tool would erroneously enable that enrollment method.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25701", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00344", "scoring_system": "epss", "scoring_elements": "0.57267", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25701" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1895432", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1895432" }, { "reference_url": "https://github.com/moodle/moodle/commit/b8e1eec4c77c858de87fedf4e405e929539ea0c5", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/b8e1eec4c77c858de87fedf4e405e929539ea0c5" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4NNFCHPPHRJNJROIX6SYMHOC6HMKP3GU", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4NNFCHPPHRJNJROIX6SYMHOC6HMKP3GU" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B55KXBVAT45MDASJ3EK6VIGQOYGJ4NH6", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B55KXBVAT45MDASJ3EK6VIGQOYGJ4NH6" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=413939", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=413939" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25701", "reference_id": "CVE-2020-25701", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25701" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/79174?format=api", "purl": "pkg:composer/moodle/moodle@3.5.15", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bbj9-hpz3-xqhh" }, { "vulnerability": "VCID-dpd2-1sqc-qqfy" }, { "vulnerability": "VCID-gnez-ehgq-rfbr" }, { "vulnerability": "VCID-jcq6-btgz-fkf6" }, { "vulnerability": "VCID-mhm4-8kuk-t7b6" }, { "vulnerability": "VCID-mkfz-e1ft-2bcw" }, { "vulnerability": "VCID-mqde-66zm-qbbj" }, { "vulnerability": "VCID-nntc-dsz1-e3fp" }, { "vulnerability": "VCID-pgfa-bkaw-q7cq" }, { "vulnerability": "VCID-zwkk-zazw-6fgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.15" }, { "url": "http://public2.vulnerablecode.io/api/packages/79175?format=api", "purl": "pkg:composer/moodle/moodle@3.7.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-jcq6-btgz-fkf6" }, { "vulnerability": "VCID-zwkk-zazw-6fgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.7.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/79176?format=api", "purl": "pkg:composer/moodle/moodle@3.8.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bbj9-hpz3-xqhh" }, { "vulnerability": "VCID-dpd2-1sqc-qqfy" }, { "vulnerability": "VCID-gnez-ehgq-rfbr" }, { "vulnerability": "VCID-jcq6-btgz-fkf6" }, { "vulnerability": "VCID-mhm4-8kuk-t7b6" }, { "vulnerability": "VCID-mkfz-e1ft-2bcw" }, { "vulnerability": "VCID-mqde-66zm-qbbj" }, { "vulnerability": "VCID-nntc-dsz1-e3fp" }, { "vulnerability": "VCID-pgfa-bkaw-q7cq" }, { "vulnerability": "VCID-zwkk-zazw-6fgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.8.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/79177?format=api", "purl": "pkg:composer/moodle/moodle@3.9.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bbj9-hpz3-xqhh" }, { "vulnerability": "VCID-dpd2-1sqc-qqfy" }, { "vulnerability": "VCID-gnez-ehgq-rfbr" }, { "vulnerability": "VCID-jcq6-btgz-fkf6" }, { "vulnerability": "VCID-mhm4-8kuk-t7b6" }, { "vulnerability": "VCID-mkfz-e1ft-2bcw" }, { "vulnerability": "VCID-mqde-66zm-qbbj" }, { "vulnerability": "VCID-nntc-dsz1-e3fp" }, { "vulnerability": "VCID-pgfa-bkaw-q7cq" }, { "vulnerability": "VCID-zwkk-zazw-6fgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.3" } ], "aliases": [ "CVE-2020-25701", "GHSA-c9hq-g4q8-w893" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c1a1-z5m1-nfbc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/54193?format=api", "vulnerability_id": "VCID-dpd2-1sqc-qqfy", "summary": "Information Exposure\nIt was possible for some users without permission to view other users' full names to do so via the online users block in moodle", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20281", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00208", "scoring_system": "epss", "scoring_elements": "0.43221", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20281" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1939041", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1939041" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/33d6017287e1835513a3de8edd3fbf7a6a90af9c", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/33d6017287e1835513a3de8edd3fbf7a6a90af9c" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AFSNJ7XHVTC52RSRX2GBQFF3VEEAY2MS", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AFSNJ7XHVTC52RSRX2GBQFF3VEEAY2MS" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFH5DDMU5TZ3JT4Q52WMRAHACA5MHIMT", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFH5DDMU5TZ3JT4Q52WMRAHACA5MHIMT" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=419652", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=419652" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20281", "reference_id": "CVE-2021-20281", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20281" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/79982?format=api", "purl": "pkg:composer/moodle/moodle@3.5.17", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.17" }, { "url": "http://public2.vulnerablecode.io/api/packages/59624?format=api", "purl": "pkg:composer/moodle/moodle@3.8.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-164m-humk-1fe3" }, { "vulnerability": "VCID-p3ge-1cqt-tufw" }, { "vulnerability": "VCID-u32t-89zc-v3gj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.8.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/79983?format=api", "purl": "pkg:composer/moodle/moodle@3.9.5", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/65140?format=api", "purl": "pkg:composer/moodle/moodle@3.10.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.2" } ], "aliases": [ "CVE-2021-20281", "GHSA-93wh-35r4-6qmw" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dpd2-1sqc-qqfy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/53860?format=api", "vulnerability_id": "VCID-fskk-cb95-uqer", "summary": "Cross-site Scripting\nThe filter in the tag manager required extra sanitizing to prevent a reflected XSS risk.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-69340", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-69340" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25628", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48377", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25628" }, { "reference_url": "https://github.com/moodle/moodle/commit/e8632a4ad0b4da3763cbbe5949594aa449b483bb", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/e8632a4ad0b4da3763cbbe5949594aa449b483bb" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=410840", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=410840" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25628", "reference_id": "CVE-2020-25628", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25628" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/79170?format=api", "purl": "pkg:composer/moodle/moodle@3.5.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cb4-wz6x-ckcd" }, { "vulnerability": "VCID-42fa-qbft-rfff" }, { "vulnerability": "VCID-bbj9-hpz3-xqhh" }, { "vulnerability": "VCID-c1a1-z5m1-nfbc" }, { "vulnerability": "VCID-dpd2-1sqc-qqfy" }, { "vulnerability": "VCID-gnez-ehgq-rfbr" }, { "vulnerability": "VCID-jcq6-btgz-fkf6" }, { "vulnerability": "VCID-jcsq-3q5z-4kc6" }, { "vulnerability": "VCID-mhm4-8kuk-t7b6" }, { "vulnerability": "VCID-mkfz-e1ft-2bcw" }, { "vulnerability": "VCID-mqde-66zm-qbbj" }, { "vulnerability": "VCID-nntc-dsz1-e3fp" }, { "vulnerability": "VCID-pgfa-bkaw-q7cq" }, { "vulnerability": "VCID-zwkk-zazw-6fgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/79171?format=api", "purl": "pkg:composer/moodle/moodle@3.7.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cb4-wz6x-ckcd" }, { "vulnerability": "VCID-3uvf-6ztd-xkaf" }, { "vulnerability": "VCID-42fa-qbft-rfff" }, { "vulnerability": "VCID-c1a1-z5m1-nfbc" }, { "vulnerability": "VCID-jcq6-btgz-fkf6" }, { "vulnerability": "VCID-jcsq-3q5z-4kc6" }, { "vulnerability": "VCID-zwkk-zazw-6fgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.7.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/79172?format=api", "purl": "pkg:composer/moodle/moodle@3.8.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cb4-wz6x-ckcd" }, { "vulnerability": "VCID-3uvf-6ztd-xkaf" }, { "vulnerability": "VCID-42fa-qbft-rfff" }, { "vulnerability": "VCID-bbj9-hpz3-xqhh" }, { "vulnerability": "VCID-c1a1-z5m1-nfbc" }, { "vulnerability": "VCID-dpd2-1sqc-qqfy" }, { "vulnerability": "VCID-gnez-ehgq-rfbr" }, { "vulnerability": "VCID-jcq6-btgz-fkf6" }, { "vulnerability": "VCID-jcsq-3q5z-4kc6" }, { "vulnerability": "VCID-mhm4-8kuk-t7b6" }, { "vulnerability": "VCID-mkfz-e1ft-2bcw" }, { "vulnerability": "VCID-mqde-66zm-qbbj" }, { "vulnerability": "VCID-nntc-dsz1-e3fp" }, { "vulnerability": "VCID-pgfa-bkaw-q7cq" }, { "vulnerability": "VCID-zwkk-zazw-6fgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.8.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/79173?format=api", "purl": "pkg:composer/moodle/moodle@3.9.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cb4-wz6x-ckcd" }, { "vulnerability": "VCID-3uvf-6ztd-xkaf" }, { "vulnerability": "VCID-42fa-qbft-rfff" }, { "vulnerability": "VCID-bbj9-hpz3-xqhh" }, { "vulnerability": "VCID-c1a1-z5m1-nfbc" }, { "vulnerability": "VCID-dpd2-1sqc-qqfy" }, { "vulnerability": "VCID-gnez-ehgq-rfbr" }, { "vulnerability": "VCID-jcq6-btgz-fkf6" }, { "vulnerability": "VCID-jcsq-3q5z-4kc6" }, { "vulnerability": "VCID-mhm4-8kuk-t7b6" }, { "vulnerability": "VCID-mkfz-e1ft-2bcw" }, { "vulnerability": "VCID-mqde-66zm-qbbj" }, { "vulnerability": "VCID-nntc-dsz1-e3fp" }, { "vulnerability": "VCID-pgfa-bkaw-q7cq" }, { "vulnerability": "VCID-q8s7-ksru-8ygs" }, { "vulnerability": "VCID-zwkk-zazw-6fgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.2" } ], "aliases": [ "CVE-2020-25628", "GHSA-5x33-h32w-6vr2" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fskk-cb95-uqer" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/54185?format=api", "vulnerability_id": "VCID-gnez-ehgq-rfbr", "summary": "Incorrect Authorization\nWhen creating a user account, it was possible to verify the account without having access to the verification email `link/secret` in moodle", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20282", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00178", "scoring_system": "epss", "scoring_elements": "0.39052", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20282" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1939046", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1939046" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AFSNJ7XHVTC52RSRX2GBQFF3VEEAY2MS", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AFSNJ7XHVTC52RSRX2GBQFF3VEEAY2MS" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFH5DDMU5TZ3JT4Q52WMRAHACA5MHIMT", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFH5DDMU5TZ3JT4Q52WMRAHACA5MHIMT" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=419653", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=419653" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20282", "reference_id": "CVE-2021-20282", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20282" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/79982?format=api", "purl": "pkg:composer/moodle/moodle@3.5.17", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.17" }, { "url": "http://public2.vulnerablecode.io/api/packages/59624?format=api", "purl": "pkg:composer/moodle/moodle@3.8.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-164m-humk-1fe3" }, { "vulnerability": "VCID-p3ge-1cqt-tufw" }, { "vulnerability": "VCID-u32t-89zc-v3gj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.8.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/79983?format=api", "purl": "pkg:composer/moodle/moodle@3.9.5", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/65140?format=api", "purl": "pkg:composer/moodle/moodle@3.10.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.2" } ], "aliases": [ "CVE-2021-20282", "GHSA-grj4-g57c-9xmv" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gnez-ehgq-rfbr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/53998?format=api", "vulnerability_id": "VCID-jcq6-btgz-fkf6", "summary": "Cross-site Scripting\nIt was found in Moodle that some search inputs were vulnerable to reflected XSS due to insufficient escaping of search queries.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20183", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00455", "scoring_system": "epss", "scoring_elements": "0.64171", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20183" }, { "reference_url": "https://github.com/moodle/moodle/commit/dc9de7b0d487b73c23c221dc0b8b6e01654921f3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/dc9de7b0d487b73c23c221dc0b8b6e01654921f3" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=417166", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=417166" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20183", "reference_id": "CVE-2021-20183", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20183" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/65139?format=api", "purl": "pkg:composer/moodle/moodle@3.10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bbj9-hpz3-xqhh" }, { "vulnerability": "VCID-bu6d-ns3s-fuck" }, { "vulnerability": "VCID-dpd2-1sqc-qqfy" }, { "vulnerability": "VCID-gnez-ehgq-rfbr" }, { "vulnerability": "VCID-mqde-66zm-qbbj" }, { "vulnerability": "VCID-pgfa-bkaw-q7cq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/152240?format=api", "purl": "pkg:composer/moodle/moodle@4.0.0-beta", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.0.0-beta" } ], "aliases": [ "CVE-2021-20183", "GHSA-xhfx-rm8q-c3xv" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jcq6-btgz-fkf6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/53805?format=api", "vulnerability_id": "VCID-jcsq-3q5z-4kc6", "summary": "SQL Injection\nIn moodle, some database module web services allowed students to add entries within groups they did not belong to.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25700", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.64037", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25700" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1895427", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1895427" }, { "reference_url": "https://github.com/moodle/moodle/commit/8169aeff59d8ed910ca3545413561005282bbd32", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/8169aeff59d8ed910ca3545413561005282bbd32" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4NNFCHPPHRJNJROIX6SYMHOC6HMKP3GU", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4NNFCHPPHRJNJROIX6SYMHOC6HMKP3GU" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B55KXBVAT45MDASJ3EK6VIGQOYGJ4NH6", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B55KXBVAT45MDASJ3EK6VIGQOYGJ4NH6" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=413938", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=413938" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25700", "reference_id": "CVE-2020-25700", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25700" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/79174?format=api", "purl": "pkg:composer/moodle/moodle@3.5.15", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bbj9-hpz3-xqhh" }, { "vulnerability": "VCID-dpd2-1sqc-qqfy" }, { "vulnerability": "VCID-gnez-ehgq-rfbr" }, { "vulnerability": "VCID-jcq6-btgz-fkf6" }, { "vulnerability": "VCID-mhm4-8kuk-t7b6" }, { "vulnerability": "VCID-mkfz-e1ft-2bcw" }, { "vulnerability": "VCID-mqde-66zm-qbbj" }, { "vulnerability": "VCID-nntc-dsz1-e3fp" }, { "vulnerability": "VCID-pgfa-bkaw-q7cq" }, { "vulnerability": "VCID-zwkk-zazw-6fgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.15" }, { "url": "http://public2.vulnerablecode.io/api/packages/79175?format=api", "purl": "pkg:composer/moodle/moodle@3.7.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-jcq6-btgz-fkf6" }, { "vulnerability": "VCID-zwkk-zazw-6fgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.7.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/79176?format=api", "purl": "pkg:composer/moodle/moodle@3.8.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bbj9-hpz3-xqhh" }, { "vulnerability": "VCID-dpd2-1sqc-qqfy" }, { "vulnerability": "VCID-gnez-ehgq-rfbr" }, { "vulnerability": "VCID-jcq6-btgz-fkf6" }, { "vulnerability": "VCID-mhm4-8kuk-t7b6" }, { "vulnerability": "VCID-mkfz-e1ft-2bcw" }, { "vulnerability": "VCID-mqde-66zm-qbbj" }, { "vulnerability": "VCID-nntc-dsz1-e3fp" }, { "vulnerability": "VCID-pgfa-bkaw-q7cq" }, { "vulnerability": "VCID-zwkk-zazw-6fgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.8.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/79177?format=api", "purl": "pkg:composer/moodle/moodle@3.9.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bbj9-hpz3-xqhh" }, { "vulnerability": "VCID-dpd2-1sqc-qqfy" }, { "vulnerability": "VCID-gnez-ehgq-rfbr" }, { "vulnerability": "VCID-jcq6-btgz-fkf6" }, { "vulnerability": "VCID-mhm4-8kuk-t7b6" }, { "vulnerability": "VCID-mkfz-e1ft-2bcw" }, { "vulnerability": "VCID-mqde-66zm-qbbj" }, { "vulnerability": "VCID-nntc-dsz1-e3fp" }, { "vulnerability": "VCID-pgfa-bkaw-q7cq" }, { "vulnerability": "VCID-zwkk-zazw-6fgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.3" } ], "aliases": [ "CVE-2020-25700", "GHSA-7h8v-2v8x-h264" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jcsq-3q5z-4kc6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/53997?format=api", "vulnerability_id": "VCID-mhm4-8kuk-t7b6", "summary": "Uncontrolled Resource Consumption\nIt was found in Moodle that messaging does not impose a character limit when sending messages, which could result in client-side (browser) denial of service for users receiving very large messages.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20185", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00382", "scoring_system": "epss", "scoring_elements": "0.59891", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20185" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=417168", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=417168" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20185", "reference_id": "CVE-2021-20185", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20185" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/79637?format=api", "purl": "pkg:composer/moodle/moodle@3.5.16", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bbj9-hpz3-xqhh" }, { "vulnerability": "VCID-dpd2-1sqc-qqfy" }, { "vulnerability": "VCID-gnez-ehgq-rfbr" }, { "vulnerability": "VCID-jcq6-btgz-fkf6" }, { "vulnerability": "VCID-mqde-66zm-qbbj" }, { "vulnerability": "VCID-pgfa-bkaw-q7cq" }, { "vulnerability": "VCID-zwkk-zazw-6fgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.16" }, { "url": "http://public2.vulnerablecode.io/api/packages/79638?format=api", "purl": "pkg:composer/moodle/moodle@3.8.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bbj9-hpz3-xqhh" }, { "vulnerability": "VCID-dpd2-1sqc-qqfy" }, { "vulnerability": "VCID-gnez-ehgq-rfbr" }, { "vulnerability": "VCID-jcq6-btgz-fkf6" }, { "vulnerability": "VCID-mqde-66zm-qbbj" }, { "vulnerability": "VCID-pgfa-bkaw-q7cq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.8.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/79639?format=api", "purl": "pkg:composer/moodle/moodle@3.9.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bbj9-hpz3-xqhh" }, { "vulnerability": "VCID-dpd2-1sqc-qqfy" }, { "vulnerability": "VCID-gnez-ehgq-rfbr" }, { "vulnerability": "VCID-jcq6-btgz-fkf6" }, { "vulnerability": "VCID-mqde-66zm-qbbj" }, { "vulnerability": "VCID-pgfa-bkaw-q7cq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/65139?format=api", "purl": "pkg:composer/moodle/moodle@3.10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bbj9-hpz3-xqhh" }, { "vulnerability": "VCID-bu6d-ns3s-fuck" }, { "vulnerability": "VCID-dpd2-1sqc-qqfy" }, { "vulnerability": "VCID-gnez-ehgq-rfbr" }, { "vulnerability": "VCID-mqde-66zm-qbbj" }, { "vulnerability": "VCID-pgfa-bkaw-q7cq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.1" } ], "aliases": [ "CVE-2021-20185", "GHSA-c3j6-33r4-89q3" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mhm4-8kuk-t7b6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/53999?format=api", "vulnerability_id": "VCID-mkfz-e1ft-2bcw", "summary": "Code Injection\nIt was found in Moodle that it was possible for site administrators to execute arbitrary PHP scripts via a PHP include used during Shibboleth authentication.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20187", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00679", "scoring_system": "epss", "scoring_elements": "0.7197", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20187" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=417171", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=417171" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20187", "reference_id": "CVE-2021-20187", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20187" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/79637?format=api", "purl": "pkg:composer/moodle/moodle@3.5.16", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bbj9-hpz3-xqhh" }, { "vulnerability": "VCID-dpd2-1sqc-qqfy" }, { "vulnerability": "VCID-gnez-ehgq-rfbr" }, { "vulnerability": "VCID-jcq6-btgz-fkf6" }, { "vulnerability": "VCID-mqde-66zm-qbbj" }, { "vulnerability": "VCID-pgfa-bkaw-q7cq" }, { "vulnerability": "VCID-zwkk-zazw-6fgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.16" }, { "url": "http://public2.vulnerablecode.io/api/packages/79638?format=api", "purl": "pkg:composer/moodle/moodle@3.8.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bbj9-hpz3-xqhh" }, { "vulnerability": "VCID-dpd2-1sqc-qqfy" }, { "vulnerability": "VCID-gnez-ehgq-rfbr" }, { "vulnerability": "VCID-jcq6-btgz-fkf6" }, { "vulnerability": "VCID-mqde-66zm-qbbj" }, { "vulnerability": "VCID-pgfa-bkaw-q7cq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.8.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/79639?format=api", "purl": "pkg:composer/moodle/moodle@3.9.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bbj9-hpz3-xqhh" }, { "vulnerability": "VCID-dpd2-1sqc-qqfy" }, { "vulnerability": "VCID-gnez-ehgq-rfbr" }, { "vulnerability": "VCID-jcq6-btgz-fkf6" }, { "vulnerability": "VCID-mqde-66zm-qbbj" }, { "vulnerability": "VCID-pgfa-bkaw-q7cq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/65139?format=api", "purl": "pkg:composer/moodle/moodle@3.10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bbj9-hpz3-xqhh" }, { "vulnerability": "VCID-bu6d-ns3s-fuck" }, { "vulnerability": "VCID-dpd2-1sqc-qqfy" }, { "vulnerability": "VCID-gnez-ehgq-rfbr" }, { "vulnerability": "VCID-mqde-66zm-qbbj" }, { "vulnerability": "VCID-pgfa-bkaw-q7cq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.1" } ], "aliases": [ "CVE-2021-20187", "GHSA-2jrm-gww7-wch2" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mkfz-e1ft-2bcw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/54183?format=api", "vulnerability_id": "VCID-mqde-66zm-qbbj", "summary": "Incorrect Authorization\nThe web service responsible for fetching other users' enrolled courses does not validate that the requesting user had permission to view that information in each course in moodle", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20283", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.35659", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20283" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1939051", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1939051" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AFSNJ7XHVTC52RSRX2GBQFF3VEEAY2MS", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AFSNJ7XHVTC52RSRX2GBQFF3VEEAY2MS" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFH5DDMU5TZ3JT4Q52WMRAHACA5MHIMT", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFH5DDMU5TZ3JT4Q52WMRAHACA5MHIMT" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=419654", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=419654" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20283", "reference_id": "CVE-2021-20283", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20283" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/79982?format=api", "purl": "pkg:composer/moodle/moodle@3.5.17", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.17" }, { "url": "http://public2.vulnerablecode.io/api/packages/59624?format=api", "purl": "pkg:composer/moodle/moodle@3.8.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-164m-humk-1fe3" }, { "vulnerability": "VCID-p3ge-1cqt-tufw" }, { "vulnerability": "VCID-u32t-89zc-v3gj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.8.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/79983?format=api", "purl": "pkg:composer/moodle/moodle@3.9.5", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/65140?format=api", "purl": "pkg:composer/moodle/moodle@3.10.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.2" } ], "aliases": [ "CVE-2021-20283", "GHSA-2m72-m5cw-3g9h" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mqde-66zm-qbbj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/53996?format=api", "vulnerability_id": "VCID-nntc-dsz1-e3fp", "summary": "Cross-site Scripting\nIt was found in Moodle that if the TeX notation filter was enabled, additional sanitizing of TeX content was required to prevent the risk of stored XSS.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20186", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0053", "scoring_system": "epss", "scoring_elements": "0.67569", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20186" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=417170", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=417170" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20186", "reference_id": "CVE-2021-20186", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20186" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/79637?format=api", "purl": "pkg:composer/moodle/moodle@3.5.16", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bbj9-hpz3-xqhh" }, { "vulnerability": "VCID-dpd2-1sqc-qqfy" }, { "vulnerability": "VCID-gnez-ehgq-rfbr" }, { "vulnerability": "VCID-jcq6-btgz-fkf6" }, { "vulnerability": "VCID-mqde-66zm-qbbj" }, { "vulnerability": "VCID-pgfa-bkaw-q7cq" }, { "vulnerability": "VCID-zwkk-zazw-6fgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.16" }, { "url": "http://public2.vulnerablecode.io/api/packages/79638?format=api", "purl": "pkg:composer/moodle/moodle@3.8.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bbj9-hpz3-xqhh" }, { "vulnerability": "VCID-dpd2-1sqc-qqfy" }, { "vulnerability": "VCID-gnez-ehgq-rfbr" }, { "vulnerability": "VCID-jcq6-btgz-fkf6" }, { "vulnerability": "VCID-mqde-66zm-qbbj" }, { "vulnerability": "VCID-pgfa-bkaw-q7cq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.8.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/79639?format=api", "purl": "pkg:composer/moodle/moodle@3.9.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bbj9-hpz3-xqhh" }, { "vulnerability": "VCID-dpd2-1sqc-qqfy" }, { "vulnerability": "VCID-gnez-ehgq-rfbr" }, { "vulnerability": "VCID-jcq6-btgz-fkf6" }, { "vulnerability": "VCID-mqde-66zm-qbbj" }, { "vulnerability": "VCID-pgfa-bkaw-q7cq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/65139?format=api", "purl": "pkg:composer/moodle/moodle@3.10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bbj9-hpz3-xqhh" }, { "vulnerability": "VCID-bu6d-ns3s-fuck" }, { "vulnerability": "VCID-dpd2-1sqc-qqfy" }, { "vulnerability": "VCID-gnez-ehgq-rfbr" }, { "vulnerability": "VCID-mqde-66zm-qbbj" }, { "vulnerability": "VCID-pgfa-bkaw-q7cq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.1" } ], "aliases": [ "CVE-2021-20186", "GHSA-h8m4-h385-qhqv" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nntc-dsz1-e3fp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/54187?format=api", "vulnerability_id": "VCID-pgfa-bkaw-q7cq", "summary": "Cross-site Scripting\nText-based feedback answers required additional sanitizing to prevent stored XSS and blind SSRF risks in moodle", "references": [ { "reference_url": "http://packetstormsecurity.com/files/164817/Moodle-Cross-Site-Scripting-Server-Side-Request-Forgery.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://packetstormsecurity.com/files/164817/Moodle-Cross-Site-Scripting-Server-Side-Request-Forgery.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20280", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00881", "scoring_system": "epss", "scoring_elements": "0.75733", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20280" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1939037", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1939037" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/a303eb9e9e387f95ea2a80cb1ce6c0b132ec1cc4", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/a303eb9e9e387f95ea2a80cb1ce6c0b132ec1cc4" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AFSNJ7XHVTC52RSRX2GBQFF3VEEAY2MS", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AFSNJ7XHVTC52RSRX2GBQFF3VEEAY2MS" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FGOMHMYM3WICJ6D6U22Z6LPJGT5A6MZM", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FGOMHMYM3WICJ6D6U22Z6LPJGT5A6MZM" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFH5DDMU5TZ3JT4Q52WMRAHACA5MHIMT", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFH5DDMU5TZ3JT4Q52WMRAHACA5MHIMT" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=419651", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=419651" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20280", "reference_id": "CVE-2021-20280", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20280" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/79982?format=api", "purl": "pkg:composer/moodle/moodle@3.5.17", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.17" }, { "url": "http://public2.vulnerablecode.io/api/packages/59624?format=api", "purl": "pkg:composer/moodle/moodle@3.8.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-164m-humk-1fe3" }, { "vulnerability": "VCID-p3ge-1cqt-tufw" }, { "vulnerability": "VCID-u32t-89zc-v3gj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.8.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/79983?format=api", "purl": "pkg:composer/moodle/moodle@3.9.5", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/65140?format=api", "purl": "pkg:composer/moodle/moodle@3.10.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.2" } ], "aliases": [ "CVE-2021-20280", "GHSA-x2jp-hh65-4xvf" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pgfa-bkaw-q7cq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/54002?format=api", "vulnerability_id": "VCID-zwkk-zazw-6fgg", "summary": "Improper Validation of Integrity Check Value\nIt was found in Moodle that a insufficient capability checks in some grade related web services meant students were able to view other students grades.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20184", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.34896", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20184" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=417167", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=417167" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20184", "reference_id": "CVE-2021-20184", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20184" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/79638?format=api", "purl": "pkg:composer/moodle/moodle@3.8.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bbj9-hpz3-xqhh" }, { "vulnerability": "VCID-dpd2-1sqc-qqfy" }, { "vulnerability": "VCID-gnez-ehgq-rfbr" }, { "vulnerability": "VCID-jcq6-btgz-fkf6" }, { "vulnerability": "VCID-mqde-66zm-qbbj" }, { "vulnerability": "VCID-pgfa-bkaw-q7cq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.8.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/79639?format=api", "purl": "pkg:composer/moodle/moodle@3.9.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bbj9-hpz3-xqhh" }, { "vulnerability": "VCID-dpd2-1sqc-qqfy" }, { "vulnerability": "VCID-gnez-ehgq-rfbr" }, { "vulnerability": "VCID-jcq6-btgz-fkf6" }, { "vulnerability": "VCID-mqde-66zm-qbbj" }, { "vulnerability": "VCID-pgfa-bkaw-q7cq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/65139?format=api", "purl": "pkg:composer/moodle/moodle@3.10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bbj9-hpz3-xqhh" }, { "vulnerability": "VCID-bu6d-ns3s-fuck" }, { "vulnerability": "VCID-dpd2-1sqc-qqfy" }, { "vulnerability": "VCID-gnez-ehgq-rfbr" }, { "vulnerability": "VCID-mqde-66zm-qbbj" }, { "vulnerability": "VCID-pgfa-bkaw-q7cq" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.1" } ], "aliases": [ "CVE-2021-20184", "GHSA-mm73-86f9-5x5c" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zwkk-zazw-6fgg" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/52625?format=api", "vulnerability_id": "VCID-paj4-nq1r-jbd3", "summary": "Improper Input Validation\nIt is possible to create an SCORM package in such a way that when added to a course, it could be interacted with via web services in order to achieve remote code execution.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-68410", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-68410" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10738", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0234", "scoring_system": "epss", "scoring_elements": "0.85157", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10738" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10738", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10738" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/2cd534a7df3867813e3aad42db615865149a58c6", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/2cd534a7df3867813e3aad42db615865149a58c6" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=403513", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=403513" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10738", "reference_id": "CVE-2020-10738", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10738" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77358?format=api", "purl": "pkg:composer/moodle/moodle@3.5.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cb4-wz6x-ckcd" }, { "vulnerability": "VCID-42fa-qbft-rfff" }, { "vulnerability": "VCID-56wj-4124-ryd2" }, { "vulnerability": "VCID-6m19-4krm-2udd" }, { "vulnerability": "VCID-bbj9-hpz3-xqhh" }, { "vulnerability": "VCID-c1a1-z5m1-nfbc" }, { "vulnerability": "VCID-dpd2-1sqc-qqfy" }, { "vulnerability": "VCID-fskk-cb95-uqer" }, { "vulnerability": "VCID-gnez-ehgq-rfbr" }, { "vulnerability": "VCID-jcq6-btgz-fkf6" }, { "vulnerability": "VCID-jcsq-3q5z-4kc6" }, { "vulnerability": "VCID-mhm4-8kuk-t7b6" }, { "vulnerability": "VCID-mkfz-e1ft-2bcw" }, { "vulnerability": "VCID-mqde-66zm-qbbj" }, { "vulnerability": "VCID-nntc-dsz1-e3fp" }, { "vulnerability": "VCID-pgfa-bkaw-q7cq" }, { "vulnerability": "VCID-zwkk-zazw-6fgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/77359?format=api", "purl": "pkg:composer/moodle/moodle@3.6.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-jcq6-btgz-fkf6" }, { "vulnerability": "VCID-zwkk-zazw-6fgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/77360?format=api", "purl": "pkg:composer/moodle/moodle@3.7.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cb4-wz6x-ckcd" }, { "vulnerability": "VCID-3uvf-6ztd-xkaf" }, { "vulnerability": "VCID-42fa-qbft-rfff" }, { "vulnerability": "VCID-56wj-4124-ryd2" }, { "vulnerability": "VCID-6m19-4krm-2udd" }, { "vulnerability": "VCID-c14d-1sa2-rkf6" }, { "vulnerability": "VCID-c1a1-z5m1-nfbc" }, { "vulnerability": "VCID-fskk-cb95-uqer" }, { "vulnerability": "VCID-jcq6-btgz-fkf6" }, { "vulnerability": "VCID-jcsq-3q5z-4kc6" }, { "vulnerability": "VCID-nna3-77cm-vbah" }, { "vulnerability": "VCID-zwkk-zazw-6fgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.7.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/77361?format=api", "purl": "pkg:composer/moodle/moodle@3.8.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3cb4-wz6x-ckcd" }, { "vulnerability": "VCID-3uvf-6ztd-xkaf" }, { "vulnerability": "VCID-42fa-qbft-rfff" }, { "vulnerability": "VCID-56wj-4124-ryd2" }, { "vulnerability": "VCID-6m19-4krm-2udd" }, { "vulnerability": "VCID-bbj9-hpz3-xqhh" }, { "vulnerability": "VCID-c14d-1sa2-rkf6" }, { "vulnerability": "VCID-c1a1-z5m1-nfbc" }, { "vulnerability": "VCID-dpd2-1sqc-qqfy" }, { "vulnerability": "VCID-fskk-cb95-uqer" }, { "vulnerability": "VCID-gnez-ehgq-rfbr" }, { "vulnerability": "VCID-jcq6-btgz-fkf6" }, { "vulnerability": "VCID-jcsq-3q5z-4kc6" }, { "vulnerability": "VCID-mhm4-8kuk-t7b6" }, { "vulnerability": "VCID-mkfz-e1ft-2bcw" }, { "vulnerability": "VCID-mqde-66zm-qbbj" }, { "vulnerability": "VCID-nna3-77cm-vbah" }, { "vulnerability": "VCID-nntc-dsz1-e3fp" }, { "vulnerability": "VCID-pgfa-bkaw-q7cq" }, { "vulnerability": "VCID-zwkk-zazw-6fgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.8.3" } ], "aliases": [ "CVE-2020-10738", "GHSA-vr6v-g96p-cjc3" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-paj4-nq1r-jbd3" } ], "risk_score": "4.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.12" }