Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/110348?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/110348?format=api", "vulnerability_id": "VCID-jsza-gn5n-cfac", "summary": "Moodle Open redirect risk in mobile auto-login feature\nAn open redirect issue was found in Moodle due to improper sanitization of user-supplied data in mobile auto-login feature. A remote attacker can create a link that leads to a trusted website, however, when clicked, it redirects the victims to arbitrary URL/domain. Successful exploitation of this vulnerability may allow a remote attacker to perform a phishing attack and steal potentially sensitive information.", "aliases": [ { "alias": "CVE-2022-35652" }, { "alias": "GHSA-243v-5pff-qqfj" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/148982?format=api", "purl": "pkg:composer/moodle/moodle@3.9.15", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.15" }, { "url": "http://public2.vulnerablecode.io/api/packages/148981?format=api", "purl": "pkg:composer/moodle/moodle@3.11.8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.11.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/148980?format=api", "purl": "pkg:composer/moodle/moodle@4.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.0.2" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/59614?format=api", "purl": "pkg:composer/moodle/moodle@3.9.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-164m-humk-1fe3" }, { "vulnerability": "VCID-1kfj-2zwf-vbfp" }, { "vulnerability": "VCID-233t-s5y8-4yg5" }, { "vulnerability": "VCID-2cdg-m3pq-ufe5" }, { "vulnerability": "VCID-2gtq-u4jg-4uck" }, { "vulnerability": "VCID-2jta-hqah-d7cf" }, { "vulnerability": "VCID-33ss-gb34-8ke5" }, { "vulnerability": "VCID-3cb4-wz6x-ckcd" }, { "vulnerability": "VCID-3uvf-6ztd-xkaf" }, { "vulnerability": "VCID-42fa-qbft-rfff" }, { "vulnerability": "VCID-49gk-ugfy-6bcd" }, { "vulnerability": "VCID-4m9g-bu1c-hbec" }, { "vulnerability": "VCID-56wj-4124-ryd2" }, { "vulnerability": "VCID-57wg-wxss-jbaw" }, { "vulnerability": "VCID-5rk8-v6bb-6ugh" }, { "vulnerability": "VCID-62fw-qwr5-eyc1" }, { "vulnerability": "VCID-6m19-4krm-2udd" }, { "vulnerability": "VCID-6rc8-bs9z-5bb2" }, { "vulnerability": "VCID-86jh-xn5g-kkgc" }, { "vulnerability": "VCID-8aat-cy8z-7qb2" }, { "vulnerability": "VCID-b994-r5mw-3fbg" }, { "vulnerability": "VCID-bbj9-hpz3-xqhh" }, { "vulnerability": "VCID-bhfv-dn14-ukfs" }, { "vulnerability": "VCID-bju3-sj3y-83e3" }, { "vulnerability": "VCID-c14d-1sa2-rkf6" }, { "vulnerability": "VCID-c1a1-z5m1-nfbc" }, { "vulnerability": "VCID-cp4k-uz4a-ukh6" }, { "vulnerability": "VCID-cs5n-4bst-zfcj" }, { "vulnerability": "VCID-dpd2-1sqc-qqfy" }, { "vulnerability": "VCID-efq2-s2df-pqa1" }, { "vulnerability": "VCID-f3b8-bfqu-8qbk" }, { "vulnerability": "VCID-fskk-cb95-uqer" }, { "vulnerability": "VCID-g9f7-787g-vyem" }, { "vulnerability": "VCID-gepg-y7ud-cuds" }, { "vulnerability": "VCID-gnez-ehgq-rfbr" }, { "vulnerability": "VCID-gt5j-wemg-17gx" }, { "vulnerability": "VCID-hk13-uc46-87h1" }, { "vulnerability": "VCID-hsk6-h5ky-g3cx" }, { "vulnerability": "VCID-j21p-heue-nqd9" }, { "vulnerability": "VCID-jcq6-btgz-fkf6" }, { "vulnerability": "VCID-jcsq-3q5z-4kc6" }, { "vulnerability": "VCID-jsza-gn5n-cfac" }, { "vulnerability": "VCID-kjd6-4drf-9ycm" }, { "vulnerability": "VCID-mhm4-8kuk-t7b6" }, { "vulnerability": "VCID-mkfz-e1ft-2bcw" }, { "vulnerability": "VCID-mqde-66zm-qbbj" }, { "vulnerability": "VCID-n7d3-j3jn-rqfc" }, { "vulnerability": "VCID-nna3-77cm-vbah" }, { "vulnerability": "VCID-nntc-dsz1-e3fp" }, { "vulnerability": "VCID-p3ge-1cqt-tufw" }, { "vulnerability": "VCID-pgfa-bkaw-q7cq" }, { "vulnerability": "VCID-q8s7-ksru-8ygs" }, { "vulnerability": "VCID-qfvz-hf8h-8bb3" }, { "vulnerability": "VCID-rqde-qn4c-pfd9" }, { "vulnerability": "VCID-s7pu-hgz5-zfbq" }, { "vulnerability": "VCID-sca8-zx4m-sub6" }, { "vulnerability": "VCID-t1vq-5b3t-tbfd" }, { "vulnerability": "VCID-taab-hupu-huf9" }, { "vulnerability": "VCID-u32t-89zc-v3gj" }, { "vulnerability": "VCID-ucyr-e6qr-5qe1" }, { "vulnerability": "VCID-utsj-g57g-cbeb" }, { "vulnerability": "VCID-vj1z-16nw-5khk" }, { "vulnerability": "VCID-xh4x-t7he-pufq" }, { "vulnerability": "VCID-yenj-fv96-pbd7" }, { "vulnerability": "VCID-z29a-xpcq-p7ct" }, { "vulnerability": "VCID-zf4q-a4cz-y7dh" }, { "vulnerability": "VCID-zwkk-zazw-6fgg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/59618?format=api", "purl": "pkg:composer/moodle/moodle@3.11.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-164m-humk-1fe3" }, { "vulnerability": "VCID-1kfj-2zwf-vbfp" }, { "vulnerability": "VCID-1wzm-dhqv-43bj" }, { "vulnerability": "VCID-233t-s5y8-4yg5" }, { "vulnerability": "VCID-24bp-c9yc-gua4" }, { "vulnerability": "VCID-2gtq-u4jg-4uck" }, { "vulnerability": "VCID-2trf-n9r4-ykgg" }, { "vulnerability": "VCID-2z6d-qf96-kyb4" }, { "vulnerability": "VCID-33ss-gb34-8ke5" }, { "vulnerability": "VCID-3ept-fdps-5fe5" }, { "vulnerability": "VCID-49gk-ugfy-6bcd" }, { "vulnerability": "VCID-4c9d-jf9g-u3gn" }, { "vulnerability": "VCID-4m9g-bu1c-hbec" }, { "vulnerability": "VCID-57wg-wxss-jbaw" }, { "vulnerability": "VCID-5bfe-hk7m-7bh6" }, { "vulnerability": "VCID-5q1e-b4e8-jbc8" }, { "vulnerability": "VCID-5rk8-v6bb-6ugh" }, { "vulnerability": "VCID-62fw-qwr5-eyc1" }, { "vulnerability": "VCID-6rc8-bs9z-5bb2" }, { "vulnerability": "VCID-7rqc-eepq-43ds" }, { "vulnerability": "VCID-7x6e-qege-ufdv" }, { "vulnerability": "VCID-86jh-xn5g-kkgc" }, { "vulnerability": "VCID-8d9n-ejbb-7fa1" }, { "vulnerability": "VCID-9uem-p6k3-nqdb" }, { "vulnerability": "VCID-b994-r5mw-3fbg" }, { "vulnerability": "VCID-bhfv-dn14-ukfs" }, { "vulnerability": "VCID-cbzx-gnhr-pfap" }, { "vulnerability": "VCID-cp4k-uz4a-ukh6" }, { "vulnerability": "VCID-d8gp-tuxy-3qdf" }, { "vulnerability": "VCID-dvrf-62nt-2kdp" }, { "vulnerability": "VCID-f3b8-bfqu-8qbk" }, { "vulnerability": "VCID-g9f7-787g-vyem" }, { "vulnerability": "VCID-gabv-ggbj-ckaj" }, { "vulnerability": "VCID-gepg-y7ud-cuds" }, { "vulnerability": "VCID-gr4h-n82f-zkg2" }, { "vulnerability": "VCID-gt5j-wemg-17gx" }, { "vulnerability": "VCID-hk13-uc46-87h1" }, { "vulnerability": "VCID-hsk6-h5ky-g3cx" }, { "vulnerability": "VCID-j21p-heue-nqd9" }, { "vulnerability": "VCID-jarn-rtuz-wucq" }, { "vulnerability": "VCID-jfsu-ya7r-h3e1" }, { "vulnerability": "VCID-jsza-gn5n-cfac" }, { "vulnerability": "VCID-kjd6-4drf-9ycm" }, { "vulnerability": "VCID-p3ge-1cqt-tufw" }, { "vulnerability": "VCID-q7va-hwg7-fbb4" }, { "vulnerability": "VCID-qfvz-hf8h-8bb3" }, { "vulnerability": "VCID-rqde-qn4c-pfd9" }, { "vulnerability": "VCID-s7pu-hgz5-zfbq" }, { "vulnerability": "VCID-sca8-zx4m-sub6" }, { "vulnerability": "VCID-t1vq-5b3t-tbfd" }, { "vulnerability": "VCID-taab-hupu-huf9" }, { "vulnerability": "VCID-u32t-89zc-v3gj" }, { "vulnerability": "VCID-ucyr-e6qr-5qe1" }, { "vulnerability": "VCID-utsj-g57g-cbeb" }, { "vulnerability": "VCID-vj1z-16nw-5khk" }, { "vulnerability": "VCID-wnaz-fnev-qqhd" }, { "vulnerability": "VCID-x1pc-1kuc-kug2" }, { "vulnerability": "VCID-xh4x-t7he-pufq" }, { "vulnerability": "VCID-yenj-fv96-pbd7" }, { "vulnerability": "VCID-yxag-fghx-47ej" }, { "vulnerability": "VCID-z29a-xpcq-p7ct" }, { "vulnerability": "VCID-zf4q-a4cz-y7dh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.11.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/63984?format=api", "purl": "pkg:composer/moodle/moodle@4.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1wzm-dhqv-43bj" }, { "vulnerability": "VCID-24bp-c9yc-gua4" }, { "vulnerability": "VCID-2trf-n9r4-ykgg" }, { "vulnerability": "VCID-2z6d-qf96-kyb4" }, { "vulnerability": "VCID-33ss-gb34-8ke5" }, { "vulnerability": "VCID-3ept-fdps-5fe5" }, { "vulnerability": "VCID-49gk-ugfy-6bcd" }, { "vulnerability": "VCID-4c9d-jf9g-u3gn" }, { "vulnerability": "VCID-4m9g-bu1c-hbec" }, { "vulnerability": "VCID-4svp-grnb-2fh3" }, { "vulnerability": "VCID-5bfe-hk7m-7bh6" }, { "vulnerability": "VCID-5q1e-b4e8-jbc8" }, { "vulnerability": "VCID-5rk8-v6bb-6ugh" }, { "vulnerability": "VCID-62fw-qwr5-eyc1" }, { "vulnerability": "VCID-6rc8-bs9z-5bb2" }, { "vulnerability": "VCID-7rqc-eepq-43ds" }, { "vulnerability": "VCID-7x6e-qege-ufdv" }, { "vulnerability": "VCID-86jh-xn5g-kkgc" }, { "vulnerability": "VCID-8d9n-ejbb-7fa1" }, { "vulnerability": "VCID-b994-r5mw-3fbg" }, { "vulnerability": "VCID-cbzx-gnhr-pfap" }, { "vulnerability": "VCID-d8gp-tuxy-3qdf" }, { "vulnerability": "VCID-dvrf-62nt-2kdp" }, { "vulnerability": "VCID-f3b8-bfqu-8qbk" }, { "vulnerability": "VCID-gabv-ggbj-ckaj" }, { "vulnerability": "VCID-gepg-y7ud-cuds" }, { "vulnerability": "VCID-gt5j-wemg-17gx" }, { "vulnerability": "VCID-hsk6-h5ky-g3cx" }, { "vulnerability": "VCID-j21p-heue-nqd9" }, { "vulnerability": "VCID-jarn-rtuz-wucq" }, { "vulnerability": "VCID-jfsu-ya7r-h3e1" }, { "vulnerability": "VCID-jsza-gn5n-cfac" }, { "vulnerability": "VCID-kjd6-4drf-9ycm" }, { "vulnerability": "VCID-ngar-aydn-eye4" }, { "vulnerability": "VCID-q7va-hwg7-fbb4" }, { "vulnerability": "VCID-rqde-qn4c-pfd9" }, { "vulnerability": "VCID-s7pu-hgz5-zfbq" }, { "vulnerability": "VCID-sca8-zx4m-sub6" }, { "vulnerability": "VCID-sz1m-v8wf-nqgx" }, { "vulnerability": "VCID-t1vq-5b3t-tbfd" }, { "vulnerability": "VCID-ucyr-e6qr-5qe1" }, { "vulnerability": "VCID-utsj-g57g-cbeb" }, { "vulnerability": "VCID-vj1z-16nw-5khk" }, { "vulnerability": "VCID-x1pc-1kuc-kug2" }, { "vulnerability": "VCID-xh4x-t7he-pufq" }, { "vulnerability": "VCID-yenj-fv96-pbd7" }, { "vulnerability": "VCID-yxag-fghx-47ej" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@4.0.0" } ], "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-72171", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-72171" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35652", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0038", "scoring_system": "epss", "scoring_elements": "0.59788", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35652" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2106276", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2106276" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6MOKYVRNFNAODP2XSMGJ5CRDUZCZKAR3", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6MOKYVRNFNAODP2XSMGJ5CRDUZCZKAR3" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6MOKYVRNFNAODP2XSMGJ5CRDUZCZKAR3/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6MOKYVRNFNAODP2XSMGJ5CRDUZCZKAR3/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MTKUSFPSYFINSQFSOHDQIDVE6FWBEU6V", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MTKUSFPSYFINSQFSOHDQIDVE6FWBEU6V" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MTKUSFPSYFINSQFSOHDQIDVE6FWBEU6V/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MTKUSFPSYFINSQFSOHDQIDVE6FWBEU6V/" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=436459", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=436459" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35652", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35652" }, { "reference_url": "https://github.com/advisories/GHSA-243v-5pff-qqfj", "reference_id": "GHSA-243v-5pff-qqfj", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-243v-5pff-qqfj" } ], "weaknesses": [ { "cwe_id": 601, "name": "URL Redirection to Untrusted Site ('Open Redirect')", "description": "A web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a Redirect. This simplifies phishing attacks." }, { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." } ], "exploits": [], "severity_range_score": "4.0 - 6.9", "exploitability": "0.5", "weighted_severity": "6.2", "risk_score": 3.1, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jsza-gn5n-cfac" }