Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:composer/moodle/moodle@3.9.5

Type composer

Namespace moodle

Name moodle

Version 3.9.5

Qualifiers

Subpath

Is_vulnerable false

Next_non_vulnerable_version 3.9.7

Latest_non_vulnerable_version 5.1.2

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-bbj9-hpz3-xqhh

vulnerability_id VCID-bbj9-hpz3-xqhh

summary

Cross-site Scripting
The ID number user profile field required additional sanitizing to prevent a stored XSS risk in moodle

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-20279

reference_id

reference_type

scores

value	0.00436
scoring_system	epss
scoring_elements	0.63334
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-20279

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1939033

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1939033

reference_url

https://github.com/moodle/moodle/commit/a7e0ba1e71205ccb0a73dedee414f1a167ee2ed7

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/moodle/moodle/commit/a7e0ba1e71205ccb0a73dedee414f1a167ee2ed7

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AFSNJ7XHVTC52RSRX2GBQFF3VEEAY2MS

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AFSNJ7XHVTC52RSRX2GBQFF3VEEAY2MS

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFH5DDMU5TZ3JT4Q52WMRAHACA5MHIMT

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFH5DDMU5TZ3JT4Q52WMRAHACA5MHIMT

reference_url

https://moodle.org/mod/forum/discuss.php?d=419650

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://moodle.org/mod/forum/discuss.php?d=419650

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-20279

reference_id

CVE-2021-20279

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-20279

fixed_packages

url	pkg:composer/moodle/moodle@3.5.17
purl	pkg:composer/moodle/moodle@3.5.17
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.17

url pkg:composer/moodle/moodle@3.8.8

purl pkg:composer/moodle/moodle@3.8.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-164m-humk-1fe3

vulnerability	VCID-p3ge-1cqt-tufw

vulnerability	VCID-u32t-89zc-v3gj

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.8.8

url	pkg:composer/moodle/moodle@3.9.5
purl	pkg:composer/moodle/moodle@3.9.5
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.5

url	pkg:composer/moodle/moodle@3.10.2
purl	pkg:composer/moodle/moodle@3.10.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.2

aliases CVE-2021-20279, GHSA-h7h6-fwpv-ggvx

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bbj9-hpz3-xqhh

url VCID-dpd2-1sqc-qqfy

vulnerability_id VCID-dpd2-1sqc-qqfy

summary

Information Exposure
It was possible for some users without permission to view other users' full names to do so via the online users block in moodle

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-20281

reference_id

reference_type

scores

value	0.00208
scoring_system	epss
scoring_elements	0.43221
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-20281

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1939041

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1939041

reference_url

https://github.com/moodle/moodle

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/moodle/moodle

reference_url

https://github.com/moodle/moodle/commit/33d6017287e1835513a3de8edd3fbf7a6a90af9c

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/moodle/moodle/commit/33d6017287e1835513a3de8edd3fbf7a6a90af9c

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AFSNJ7XHVTC52RSRX2GBQFF3VEEAY2MS

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AFSNJ7XHVTC52RSRX2GBQFF3VEEAY2MS

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFH5DDMU5TZ3JT4Q52WMRAHACA5MHIMT

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFH5DDMU5TZ3JT4Q52WMRAHACA5MHIMT

reference_url

https://moodle.org/mod/forum/discuss.php?d=419652

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://moodle.org/mod/forum/discuss.php?d=419652

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-20281

reference_id

CVE-2021-20281

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-20281

fixed_packages

url	pkg:composer/moodle/moodle@3.5.17
purl	pkg:composer/moodle/moodle@3.5.17
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.17

url pkg:composer/moodle/moodle@3.8.8

purl pkg:composer/moodle/moodle@3.8.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-164m-humk-1fe3

vulnerability	VCID-p3ge-1cqt-tufw

vulnerability	VCID-u32t-89zc-v3gj

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.8.8

url	pkg:composer/moodle/moodle@3.9.5
purl	pkg:composer/moodle/moodle@3.9.5
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.5

url	pkg:composer/moodle/moodle@3.10.2
purl	pkg:composer/moodle/moodle@3.10.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.2

aliases CVE-2021-20281, GHSA-93wh-35r4-6qmw

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dpd2-1sqc-qqfy

url VCID-gnez-ehgq-rfbr

vulnerability_id VCID-gnez-ehgq-rfbr

summary

Incorrect Authorization
When creating a user account, it was possible to verify the account without having access to the verification email `link/secret` in moodle

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-20282

reference_id

reference_type

scores

value	0.00178
scoring_system	epss
scoring_elements	0.39052
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-20282

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1939046

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1939046

reference_url

https://github.com/moodle/moodle

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/moodle/moodle

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AFSNJ7XHVTC52RSRX2GBQFF3VEEAY2MS

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AFSNJ7XHVTC52RSRX2GBQFF3VEEAY2MS

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFH5DDMU5TZ3JT4Q52WMRAHACA5MHIMT

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFH5DDMU5TZ3JT4Q52WMRAHACA5MHIMT

reference_url

https://moodle.org/mod/forum/discuss.php?d=419653

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://moodle.org/mod/forum/discuss.php?d=419653

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-20282

reference_id

CVE-2021-20282

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-20282

fixed_packages

url	pkg:composer/moodle/moodle@3.5.17
purl	pkg:composer/moodle/moodle@3.5.17
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.17

url pkg:composer/moodle/moodle@3.8.8

purl pkg:composer/moodle/moodle@3.8.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-164m-humk-1fe3

vulnerability	VCID-p3ge-1cqt-tufw

vulnerability	VCID-u32t-89zc-v3gj

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.8.8

url	pkg:composer/moodle/moodle@3.9.5
purl	pkg:composer/moodle/moodle@3.9.5
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.5

url	pkg:composer/moodle/moodle@3.10.2
purl	pkg:composer/moodle/moodle@3.10.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.2

aliases CVE-2021-20282, GHSA-grj4-g57c-9xmv

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gnez-ehgq-rfbr

url VCID-mqde-66zm-qbbj

vulnerability_id VCID-mqde-66zm-qbbj

summary

Incorrect Authorization
The web service responsible for fetching other users' enrolled courses does not validate that the requesting user had permission to view that information in each course in moodle

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-20283

reference_id

reference_type

scores

value	0.00153
scoring_system	epss
scoring_elements	0.35659
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-20283

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1939051

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1939051

reference_url

https://github.com/moodle/moodle

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/moodle/moodle

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AFSNJ7XHVTC52RSRX2GBQFF3VEEAY2MS

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AFSNJ7XHVTC52RSRX2GBQFF3VEEAY2MS

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFH5DDMU5TZ3JT4Q52WMRAHACA5MHIMT

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFH5DDMU5TZ3JT4Q52WMRAHACA5MHIMT

reference_url

https://moodle.org/mod/forum/discuss.php?d=419654

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://moodle.org/mod/forum/discuss.php?d=419654

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-20283

reference_id

CVE-2021-20283

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-20283

fixed_packages

url	pkg:composer/moodle/moodle@3.5.17
purl	pkg:composer/moodle/moodle@3.5.17
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.17

url pkg:composer/moodle/moodle@3.8.8

purl pkg:composer/moodle/moodle@3.8.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-164m-humk-1fe3

vulnerability	VCID-p3ge-1cqt-tufw

vulnerability	VCID-u32t-89zc-v3gj

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.8.8

url	pkg:composer/moodle/moodle@3.9.5
purl	pkg:composer/moodle/moodle@3.9.5
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.5

url	pkg:composer/moodle/moodle@3.10.2
purl	pkg:composer/moodle/moodle@3.10.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.2

aliases CVE-2021-20283, GHSA-2m72-m5cw-3g9h

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mqde-66zm-qbbj

url VCID-pgfa-bkaw-q7cq

vulnerability_id VCID-pgfa-bkaw-q7cq

summary

Cross-site Scripting
Text-based feedback answers required additional sanitizing to prevent stored XSS and blind SSRF risks in moodle

references

reference_url

http://packetstormsecurity.com/files/164817/Moodle-Cross-Site-Scripting-Server-Side-Request-Forgery.html

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://packetstormsecurity.com/files/164817/Moodle-Cross-Site-Scripting-Server-Side-Request-Forgery.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-20280

reference_id

reference_type

scores

value	0.00881
scoring_system	epss
scoring_elements	0.75733
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-20280

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1939037

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1939037

reference_url

https://github.com/moodle/moodle

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/moodle/moodle

reference_url

https://github.com/moodle/moodle/commit/a303eb9e9e387f95ea2a80cb1ce6c0b132ec1cc4

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/moodle/moodle/commit/a303eb9e9e387f95ea2a80cb1ce6c0b132ec1cc4

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AFSNJ7XHVTC52RSRX2GBQFF3VEEAY2MS

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AFSNJ7XHVTC52RSRX2GBQFF3VEEAY2MS

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FGOMHMYM3WICJ6D6U22Z6LPJGT5A6MZM

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FGOMHMYM3WICJ6D6U22Z6LPJGT5A6MZM

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFH5DDMU5TZ3JT4Q52WMRAHACA5MHIMT

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFH5DDMU5TZ3JT4Q52WMRAHACA5MHIMT

reference_url

https://moodle.org/mod/forum/discuss.php?d=419651

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://moodle.org/mod/forum/discuss.php?d=419651

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-20280

reference_id

CVE-2021-20280

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-20280

fixed_packages

url	pkg:composer/moodle/moodle@3.5.17
purl	pkg:composer/moodle/moodle@3.5.17
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.17

url pkg:composer/moodle/moodle@3.8.8

purl pkg:composer/moodle/moodle@3.8.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-164m-humk-1fe3

vulnerability	VCID-p3ge-1cqt-tufw

vulnerability	VCID-u32t-89zc-v3gj

resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.8.8

url	pkg:composer/moodle/moodle@3.9.5
purl	pkg:composer/moodle/moodle@3.9.5
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.5

url	pkg:composer/moodle/moodle@3.10.2
purl	pkg:composer/moodle/moodle@3.10.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.2

aliases CVE-2021-20280, GHSA-x2jp-hh65-4xvf

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pgfa-bkaw-q7cq

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.5

Package Instance