Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-yyug-rt71-yfds
Summary
Moodle Users Can Bypass Deleted Status
The webservices functionality in Moodle 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 allows remote authenticated users to bypass the deleted status and continue using a server via a token.
Aliases
0
alias CVE-2012-0797
1
alias GHSA-72gv-qqrp-h9qg
Fixed_packages
0
url pkg:composer/moodle/moodle@2.0.7
purl pkg:composer/moodle/moodle@2.0.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4cdk-8y5v-nba1
1
vulnerability VCID-e2hb-w8g1-xbax
2
vulnerability VCID-jbvt-9yy2-afb4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.0.7
1
url pkg:composer/moodle/moodle@2.1.4
purl pkg:composer/moodle/moodle@2.1.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4cdk-8y5v-nba1
1
vulnerability VCID-e2hb-w8g1-xbax
2
vulnerability VCID-jbvt-9yy2-afb4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.1.4
2
url pkg:composer/moodle/moodle@2.2.1
purl pkg:composer/moodle/moodle@2.2.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4cdk-8y5v-nba1
1
vulnerability VCID-e2hb-w8g1-xbax
2
vulnerability VCID-jbvt-9yy2-afb4
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.2.1
Affected_packages
0
url pkg:composer/moodle/moodle@2.0.0
purl pkg:composer/moodle/moodle@2.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-41jn-p8ef-pqbg
1
vulnerability VCID-41up-e414-hyba
2
vulnerability VCID-47h1-1tt9-4fat
3
vulnerability VCID-4cdk-8y5v-nba1
4
vulnerability VCID-4hs4-xkzr-ybbf
5
vulnerability VCID-6dwh-baur-9ydg
6
vulnerability VCID-7pf8-gx8a-fbg1
7
vulnerability VCID-7tky-51ah-17bs
8
vulnerability VCID-9ca4-gyeh-qkhc
9
vulnerability VCID-9e5m-wfwn-j7a3
10
vulnerability VCID-9nee-rvyv-qfba
11
vulnerability VCID-a4uv-j23y-8bg1
12
vulnerability VCID-atb4-adjz-1uef
13
vulnerability VCID-dt8h-ktfk-2qec
14
vulnerability VCID-e2hb-w8g1-xbax
15
vulnerability VCID-ek29-cpbw-77fh
16
vulnerability VCID-ev8f-4uzk-b3an
17
vulnerability VCID-fq4z-5wh4-b3b5
18
vulnerability VCID-fwn7-hez1-ayhj
19
vulnerability VCID-jbvt-9yy2-afb4
20
vulnerability VCID-q6wx-c4w3-skh8
21
vulnerability VCID-qpm1-4xwk-sfb2
22
vulnerability VCID-r7wm-grca-3fgw
23
vulnerability VCID-scrd-yyjh-gbhw
24
vulnerability VCID-ubt2-hvzj-1kbh
25
vulnerability VCID-vgxb-fkuj-9fgk
26
vulnerability VCID-yyug-rt71-yfds
27
vulnerability VCID-zhfc-drsr-27ae
28
vulnerability VCID-zvsh-te3w-qyec
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.0.0
1
url pkg:composer/moodle/moodle@2.1.0
purl pkg:composer/moodle/moodle@2.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1uce-2wtr-8bfg
1
vulnerability VCID-29gm-tfg6-xkey
2
vulnerability VCID-3tq1-jwd5-xqcr
3
vulnerability VCID-4cdk-8y5v-nba1
4
vulnerability VCID-6dwh-baur-9ydg
5
vulnerability VCID-9nee-rvyv-qfba
6
vulnerability VCID-a4uv-j23y-8bg1
7
vulnerability VCID-atb4-adjz-1uef
8
vulnerability VCID-c9kg-rsj3-b3bw
9
vulnerability VCID-dt8h-ktfk-2qec
10
vulnerability VCID-e2hb-w8g1-xbax
11
vulnerability VCID-et8t-f1u1-kudb
12
vulnerability VCID-jbvt-9yy2-afb4
13
vulnerability VCID-mh2f-ytz5-9fhg
14
vulnerability VCID-q6wx-c4w3-skh8
15
vulnerability VCID-qpm1-4xwk-sfb2
16
vulnerability VCID-ubt2-hvzj-1kbh
17
vulnerability VCID-yyug-rt71-yfds
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.1.0
2
url pkg:composer/moodle/moodle@2.2.0
purl pkg:composer/moodle/moodle@2.2.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1uce-2wtr-8bfg
1
vulnerability VCID-29gm-tfg6-xkey
2
vulnerability VCID-2vsp-tbwq-1qhf
3
vulnerability VCID-41up-e414-hyba
4
vulnerability VCID-4cdk-8y5v-nba1
5
vulnerability VCID-b2tv-8q9g-qqfz
6
vulnerability VCID-c9kg-rsj3-b3bw
7
vulnerability VCID-e2hb-w8g1-xbax
8
vulnerability VCID-et8t-f1u1-kudb
9
vulnerability VCID-jbvt-9yy2-afb4
10
vulnerability VCID-mh2f-ytz5-9fhg
11
vulnerability VCID-vgxb-fkuj-9fgk
12
vulnerability VCID-y15n-cf9z-dyc4
13
vulnerability VCID-yyug-rt71-yfds
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.2.0
References
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-28126
reference_id
reference_type
scores
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-28126
1
reference_url http://moodle.org/mod/forum/discuss.php?d=194016
reference_id
reference_type
scores
url http://moodle.org/mod/forum/discuss.php?d=194016
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=783532
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=783532
3
reference_url https://github.com/moodle/moodle/commit/364622b4662d9f349f3701ed548cda2f31491fea
reference_id
reference_type
scores
url https://github.com/moodle/moodle/commit/364622b4662d9f349f3701ed548cda2f31491fea
4
reference_url https://github.com/moodle/moodle/commit/bbcde38b334ecbfa2a18b01b77a7e995b2c0d9f7
reference_id
reference_type
scores
url https://github.com/moodle/moodle/commit/bbcde38b334ecbfa2a18b01b77a7e995b2c0d9f7
5
reference_url https://github.com/moodle/moodle/commit/dbfa519ad9e4d33ac3a4cd506d606d56a2f0bbff
reference_id
reference_type
scores
url https://github.com/moodle/moodle/commit/dbfa519ad9e4d33ac3a4cd506d606d56a2f0bbff
6
reference_url https://github.com/moodle/moodle/commit/e922d9a90bab337b1082fbe28c352c18cae2580e
reference_id
reference_type
scores
url https://github.com/moodle/moodle/commit/e922d9a90bab337b1082fbe28c352c18cae2580e
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-0797
reference_id CVE-2012-0797
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2012-0797
8
reference_url https://github.com/advisories/GHSA-72gv-qqrp-h9qg
reference_id GHSA-72gv-qqrp-h9qg
reference_type
scores
url https://github.com/advisories/GHSA-72gv-qqrp-h9qg
Weaknesses
0
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
1
cwe_id 16
name Configuration
description Weaknesses in this category are typically introduced during the configuration of the software.
2
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
Exploits
Severity_range_scorenull
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-yyug-rt71-yfds