Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-6v43-drd7-ufd7
Summary
Moodle allows bypass of intended access restrictions
mod/chat/chat_ajax.php in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 does not properly check for the mod/chat:chat capability during chat sessions, which allows remote authenticated users to bypass intended access restrictions in opportunistic circumstances by remaining in a chat session after an intra-session capability removal by an administrator.
Aliases
0
alias CVE-2014-0122
1
alias GHSA-f9m9-494r-w36p
Fixed_packages
0
url pkg:composer/moodle/moodle@2.4.9
purl pkg:composer/moodle/moodle@2.4.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k6pw-51st-b3d2
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-qpu2-8paz-7ydv
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-vb67-yux5-ayhf
25
vulnerability VCID-vfp6-4h8n-bkax
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-xmm4-zw49-3feh
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-yghg-775s-vber
31
vulnerability VCID-zjrq-np3y-hua5
32
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.4.9
1
url pkg:composer/moodle/moodle@2.5.5
purl pkg:composer/moodle/moodle@2.5.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k6pw-51st-b3d2
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-qpu2-8paz-7ydv
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-vb67-yux5-ayhf
25
vulnerability VCID-vfp6-4h8n-bkax
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-xmm4-zw49-3feh
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-yghg-775s-vber
31
vulnerability VCID-zjrq-np3y-hua5
32
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.5.5
2
url pkg:composer/moodle/moodle@2.6.2
purl pkg:composer/moodle/moodle@2.6.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k6pw-51st-b3d2
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-qpu2-8paz-7ydv
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-vb67-yux5-ayhf
25
vulnerability VCID-vfp6-4h8n-bkax
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-xmm4-zw49-3feh
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-yghg-775s-vber
31
vulnerability VCID-zjrq-np3y-hua5
32
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.2
Affected_packages
0
url pkg:composer/moodle/moodle@2.5.0
purl pkg:composer/moodle/moodle@2.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ehh-qz6c-ykhp
1
vulnerability VCID-1whm-dsv7-t7gm
2
vulnerability VCID-2s6b-tp6p-gue1
3
vulnerability VCID-37pj-u3gh-n7fd
4
vulnerability VCID-4v57-bu85-syhr
5
vulnerability VCID-4xqt-yugc-qufr
6
vulnerability VCID-5ru2-1n1f-afa4
7
vulnerability VCID-65y9-9ur2-pugc
8
vulnerability VCID-6v43-drd7-ufd7
9
vulnerability VCID-7g7m-bu5q-gbcx
10
vulnerability VCID-83kb-4mk9-t7ge
11
vulnerability VCID-88pw-zwqn-cqfd
12
vulnerability VCID-a6pb-47tu-afcg
13
vulnerability VCID-ajkr-fxa1-mkhk
14
vulnerability VCID-an53-nu91-k3d7
15
vulnerability VCID-bjnq-q2nd-1khp
16
vulnerability VCID-cvqm-kjhx-q7ej
17
vulnerability VCID-czph-uxwr-5uge
18
vulnerability VCID-duna-st9c-mqbk
19
vulnerability VCID-ea5s-xphb-6ub7
20
vulnerability VCID-eaqp-7abt-6kg9
21
vulnerability VCID-eu27-a3px-87ed
22
vulnerability VCID-fsex-f512-pudv
23
vulnerability VCID-gdz8-d8j3-nqdh
24
vulnerability VCID-h8xn-n98n-qqdv
25
vulnerability VCID-j3t3-svwb-p7bn
26
vulnerability VCID-jcq6-btgz-fkf6
27
vulnerability VCID-k1bh-ymgt-e7cd
28
vulnerability VCID-k6pw-51st-b3d2
29
vulnerability VCID-k73h-z6j8-gkgz
30
vulnerability VCID-m3np-aebb-8qaa
31
vulnerability VCID-m4zv-e3dn-budf
32
vulnerability VCID-mkfz-e1ft-2bcw
33
vulnerability VCID-nntc-dsz1-e3fp
34
vulnerability VCID-q3wv-9hj6-vbgt
35
vulnerability VCID-qhv1-wgpm-7fh6
36
vulnerability VCID-qpu2-8paz-7ydv
37
vulnerability VCID-qxyw-7hnt-hqd6
38
vulnerability VCID-r6kn-b963-eqge
39
vulnerability VCID-r88h-mteg-yka9
40
vulnerability VCID-rdfn-52p2-afa7
41
vulnerability VCID-s5cy-eva4-wbaf
42
vulnerability VCID-s6uu-335k-yfbc
43
vulnerability VCID-ucg8-htfc-2bhn
44
vulnerability VCID-vb67-yux5-ayhf
45
vulnerability VCID-vfp6-4h8n-bkax
46
vulnerability VCID-vrfy-36yc-muhr
47
vulnerability VCID-vs2j-b4qg-nbgu
48
vulnerability VCID-vwyj-z4gf-8fg5
49
vulnerability VCID-w9ca-exua-g7ar
50
vulnerability VCID-x7rg-rsb5-pya7
51
vulnerability VCID-xmm4-zw49-3feh
52
vulnerability VCID-y8up-cqtu-jkdw
53
vulnerability VCID-yghg-775s-vber
54
vulnerability VCID-zjrq-np3y-hua5
55
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.5.0
1
url pkg:composer/moodle/moodle@2.6.0
purl pkg:composer/moodle/moodle@2.6.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ehh-qz6c-ykhp
1
vulnerability VCID-1rar-m2g3-27ag
2
vulnerability VCID-1whm-dsv7-t7gm
3
vulnerability VCID-29yj-e9bd-queq
4
vulnerability VCID-2s6b-tp6p-gue1
5
vulnerability VCID-37pj-u3gh-n7fd
6
vulnerability VCID-3xwm-hqap-8bct
7
vulnerability VCID-4v57-bu85-syhr
8
vulnerability VCID-4xqt-yugc-qufr
9
vulnerability VCID-5c29-qn3p-3yde
10
vulnerability VCID-5ru2-1n1f-afa4
11
vulnerability VCID-65y9-9ur2-pugc
12
vulnerability VCID-6v43-drd7-ufd7
13
vulnerability VCID-7g7m-bu5q-gbcx
14
vulnerability VCID-7x8g-tdd5-kqbs
15
vulnerability VCID-83kb-4mk9-t7ge
16
vulnerability VCID-88pw-zwqn-cqfd
17
vulnerability VCID-8q4n-d565-kfbn
18
vulnerability VCID-a6pb-47tu-afcg
19
vulnerability VCID-ajkr-fxa1-mkhk
20
vulnerability VCID-an53-nu91-k3d7
21
vulnerability VCID-bfmx-cwap-8yhp
22
vulnerability VCID-bjnq-q2nd-1khp
23
vulnerability VCID-cvqm-kjhx-q7ej
24
vulnerability VCID-czph-uxwr-5uge
25
vulnerability VCID-duna-st9c-mqbk
26
vulnerability VCID-ea5s-xphb-6ub7
27
vulnerability VCID-eaqp-7abt-6kg9
28
vulnerability VCID-eu27-a3px-87ed
29
vulnerability VCID-fs9k-21es-rygd
30
vulnerability VCID-fsex-f512-pudv
31
vulnerability VCID-fumj-9pun-zfc5
32
vulnerability VCID-gdz8-d8j3-nqdh
33
vulnerability VCID-h8xn-n98n-qqdv
34
vulnerability VCID-hbky-xx53-vkct
35
vulnerability VCID-hck4-emsr-q7dc
36
vulnerability VCID-j3t3-svwb-p7bn
37
vulnerability VCID-jcq6-btgz-fkf6
38
vulnerability VCID-k1bh-ymgt-e7cd
39
vulnerability VCID-k6pw-51st-b3d2
40
vulnerability VCID-k73h-z6j8-gkgz
41
vulnerability VCID-krn6-pwk5-ake2
42
vulnerability VCID-kzwd-2e6n-fkbm
43
vulnerability VCID-m3np-aebb-8qaa
44
vulnerability VCID-m4zv-e3dn-budf
45
vulnerability VCID-mkfz-e1ft-2bcw
46
vulnerability VCID-nntc-dsz1-e3fp
47
vulnerability VCID-q3wv-9hj6-vbgt
48
vulnerability VCID-qhv1-wgpm-7fh6
49
vulnerability VCID-qpu2-8paz-7ydv
50
vulnerability VCID-qxyw-7hnt-hqd6
51
vulnerability VCID-r6kn-b963-eqge
52
vulnerability VCID-r88h-mteg-yka9
53
vulnerability VCID-rdfn-52p2-afa7
54
vulnerability VCID-s5cy-eva4-wbaf
55
vulnerability VCID-s6uu-335k-yfbc
56
vulnerability VCID-ucg8-htfc-2bhn
57
vulnerability VCID-uptz-tj66-7yfk
58
vulnerability VCID-uvgt-7m5a-xkdc
59
vulnerability VCID-v4qm-48kk-pfaz
60
vulnerability VCID-v7zm-cw8w-6yf8
61
vulnerability VCID-vb67-yux5-ayhf
62
vulnerability VCID-vda3-4fgr-gfbw
63
vulnerability VCID-vfp6-4h8n-bkax
64
vulnerability VCID-vrfy-36yc-muhr
65
vulnerability VCID-vs2j-b4qg-nbgu
66
vulnerability VCID-vwyj-z4gf-8fg5
67
vulnerability VCID-w9ca-exua-g7ar
68
vulnerability VCID-x7rg-rsb5-pya7
69
vulnerability VCID-xmm4-zw49-3feh
70
vulnerability VCID-xnmk-jah2-ufce
71
vulnerability VCID-y8up-cqtu-jkdw
72
vulnerability VCID-yghg-775s-vber
73
vulnerability VCID-zjrq-np3y-hua5
74
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.0
References
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-44082
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-44082
1
reference_url http://openwall.com/lists/oss-security/2014/03/17/1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://openwall.com/lists/oss-security/2014/03/17/1
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0122
reference_id
reference_type
scores
0
value 0.00171
scoring_system epss
scoring_elements 0.38101
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0122
3
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
4
reference_url https://github.com/moodle/moodle/commit/3d7810ab3d67a423a760ba89ae75de81d940b236
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/3d7810ab3d67a423a760ba89ae75de81d940b236
5
reference_url https://github.com/moodle/moodle/commit/4d4867503c2467cb04660d9cb314d22f56004054
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/4d4867503c2467cb04660d9cb314d22f56004054
6
reference_url https://github.com/moodle/moodle/commit/5c45ea0c6bf2fdf4dddfaef9fc5ff12e6b426a3f
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/5c45ea0c6bf2fdf4dddfaef9fc5ff12e6b426a3f
7
reference_url https://github.com/moodle/moodle/commit/7748e17207b1a28118d9dc622878da22f956d3fe
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/7748e17207b1a28118d9dc622878da22f956d3fe
8
reference_url https://moodle.org/mod/forum/discuss.php?d=256418
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=256418
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-0122
reference_id CVE-2014-0122
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-0122
10
reference_url https://github.com/advisories/GHSA-f9m9-494r-w36p
reference_id GHSA-f9m9-494r-w36p
reference_type
scores
url https://github.com/advisories/GHSA-f9m9-494r-w36p
Weaknesses
0
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
1
cwe_id 264
name Permissions, Privileges, and Access Controls
description Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.
2
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
Exploits
Severity_range_score4.0 - 6.9
Exploitability0.5
Weighted_severity6.2
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-6v43-drd7-ufd7