Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-88pw-zwqn-cqfd
Summary
Moodle places a session key in a URL
repository/alfresco/lib.php in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 places a session key in a URL, which allows remote attackers to bypass intended Alfresco Repository file restrictions by impersonating a file's owner.
Aliases
0
alias CVE-2014-0125
1
alias GHSA-j465-7mp6-3xg3
Fixed_packages
0
url pkg:composer/moodle/moodle@2.4.9
purl pkg:composer/moodle/moodle@2.4.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k6pw-51st-b3d2
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-qpu2-8paz-7ydv
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-vb67-yux5-ayhf
25
vulnerability VCID-vfp6-4h8n-bkax
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-xmm4-zw49-3feh
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-yghg-775s-vber
31
vulnerability VCID-zjrq-np3y-hua5
32
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.4.9
1
url pkg:composer/moodle/moodle@2.5.5
purl pkg:composer/moodle/moodle@2.5.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k6pw-51st-b3d2
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-qpu2-8paz-7ydv
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-vb67-yux5-ayhf
25
vulnerability VCID-vfp6-4h8n-bkax
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-xmm4-zw49-3feh
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-yghg-775s-vber
31
vulnerability VCID-zjrq-np3y-hua5
32
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.5.5
2
url pkg:composer/moodle/moodle@2.6.2
purl pkg:composer/moodle/moodle@2.6.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2s6b-tp6p-gue1
1
vulnerability VCID-37pj-u3gh-n7fd
2
vulnerability VCID-65y9-9ur2-pugc
3
vulnerability VCID-83kb-4mk9-t7ge
4
vulnerability VCID-a6pb-47tu-afcg
5
vulnerability VCID-ajkr-fxa1-mkhk
6
vulnerability VCID-an53-nu91-k3d7
7
vulnerability VCID-bjnq-q2nd-1khp
8
vulnerability VCID-duna-st9c-mqbk
9
vulnerability VCID-eaqp-7abt-6kg9
10
vulnerability VCID-eu27-a3px-87ed
11
vulnerability VCID-fsex-f512-pudv
12
vulnerability VCID-jcq6-btgz-fkf6
13
vulnerability VCID-k1bh-ymgt-e7cd
14
vulnerability VCID-k6pw-51st-b3d2
15
vulnerability VCID-k73h-z6j8-gkgz
16
vulnerability VCID-m3np-aebb-8qaa
17
vulnerability VCID-m4zv-e3dn-budf
18
vulnerability VCID-mkfz-e1ft-2bcw
19
vulnerability VCID-nntc-dsz1-e3fp
20
vulnerability VCID-qhv1-wgpm-7fh6
21
vulnerability VCID-qpu2-8paz-7ydv
22
vulnerability VCID-r6kn-b963-eqge
23
vulnerability VCID-s6uu-335k-yfbc
24
vulnerability VCID-vb67-yux5-ayhf
25
vulnerability VCID-vfp6-4h8n-bkax
26
vulnerability VCID-w9ca-exua-g7ar
27
vulnerability VCID-x7rg-rsb5-pya7
28
vulnerability VCID-xmm4-zw49-3feh
29
vulnerability VCID-y8up-cqtu-jkdw
30
vulnerability VCID-yghg-775s-vber
31
vulnerability VCID-zjrq-np3y-hua5
32
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.2
Affected_packages
0
url pkg:composer/moodle/moodle@2.5.0
purl pkg:composer/moodle/moodle@2.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ehh-qz6c-ykhp
1
vulnerability VCID-1whm-dsv7-t7gm
2
vulnerability VCID-2s6b-tp6p-gue1
3
vulnerability VCID-37pj-u3gh-n7fd
4
vulnerability VCID-4v57-bu85-syhr
5
vulnerability VCID-4xqt-yugc-qufr
6
vulnerability VCID-5ru2-1n1f-afa4
7
vulnerability VCID-65y9-9ur2-pugc
8
vulnerability VCID-6v43-drd7-ufd7
9
vulnerability VCID-7g7m-bu5q-gbcx
10
vulnerability VCID-83kb-4mk9-t7ge
11
vulnerability VCID-88pw-zwqn-cqfd
12
vulnerability VCID-a6pb-47tu-afcg
13
vulnerability VCID-ajkr-fxa1-mkhk
14
vulnerability VCID-an53-nu91-k3d7
15
vulnerability VCID-bjnq-q2nd-1khp
16
vulnerability VCID-cvqm-kjhx-q7ej
17
vulnerability VCID-czph-uxwr-5uge
18
vulnerability VCID-duna-st9c-mqbk
19
vulnerability VCID-ea5s-xphb-6ub7
20
vulnerability VCID-eaqp-7abt-6kg9
21
vulnerability VCID-eu27-a3px-87ed
22
vulnerability VCID-fsex-f512-pudv
23
vulnerability VCID-gdz8-d8j3-nqdh
24
vulnerability VCID-h8xn-n98n-qqdv
25
vulnerability VCID-j3t3-svwb-p7bn
26
vulnerability VCID-jcq6-btgz-fkf6
27
vulnerability VCID-k1bh-ymgt-e7cd
28
vulnerability VCID-k6pw-51st-b3d2
29
vulnerability VCID-k73h-z6j8-gkgz
30
vulnerability VCID-m3np-aebb-8qaa
31
vulnerability VCID-m4zv-e3dn-budf
32
vulnerability VCID-mkfz-e1ft-2bcw
33
vulnerability VCID-nntc-dsz1-e3fp
34
vulnerability VCID-q3wv-9hj6-vbgt
35
vulnerability VCID-qhv1-wgpm-7fh6
36
vulnerability VCID-qpu2-8paz-7ydv
37
vulnerability VCID-qxyw-7hnt-hqd6
38
vulnerability VCID-r6kn-b963-eqge
39
vulnerability VCID-r88h-mteg-yka9
40
vulnerability VCID-rdfn-52p2-afa7
41
vulnerability VCID-s5cy-eva4-wbaf
42
vulnerability VCID-s6uu-335k-yfbc
43
vulnerability VCID-ucg8-htfc-2bhn
44
vulnerability VCID-vb67-yux5-ayhf
45
vulnerability VCID-vfp6-4h8n-bkax
46
vulnerability VCID-vrfy-36yc-muhr
47
vulnerability VCID-vs2j-b4qg-nbgu
48
vulnerability VCID-vwyj-z4gf-8fg5
49
vulnerability VCID-w9ca-exua-g7ar
50
vulnerability VCID-x7rg-rsb5-pya7
51
vulnerability VCID-xmm4-zw49-3feh
52
vulnerability VCID-y8up-cqtu-jkdw
53
vulnerability VCID-yghg-775s-vber
54
vulnerability VCID-zjrq-np3y-hua5
55
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.5.0
1
url pkg:composer/moodle/moodle@2.6.0
purl pkg:composer/moodle/moodle@2.6.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ehh-qz6c-ykhp
1
vulnerability VCID-1rar-m2g3-27ag
2
vulnerability VCID-1whm-dsv7-t7gm
3
vulnerability VCID-29yj-e9bd-queq
4
vulnerability VCID-2s6b-tp6p-gue1
5
vulnerability VCID-37pj-u3gh-n7fd
6
vulnerability VCID-3xwm-hqap-8bct
7
vulnerability VCID-4v57-bu85-syhr
8
vulnerability VCID-4xqt-yugc-qufr
9
vulnerability VCID-5c29-qn3p-3yde
10
vulnerability VCID-5ru2-1n1f-afa4
11
vulnerability VCID-65y9-9ur2-pugc
12
vulnerability VCID-6v43-drd7-ufd7
13
vulnerability VCID-7g7m-bu5q-gbcx
14
vulnerability VCID-7x8g-tdd5-kqbs
15
vulnerability VCID-83kb-4mk9-t7ge
16
vulnerability VCID-88pw-zwqn-cqfd
17
vulnerability VCID-8q4n-d565-kfbn
18
vulnerability VCID-a6pb-47tu-afcg
19
vulnerability VCID-ajkr-fxa1-mkhk
20
vulnerability VCID-an53-nu91-k3d7
21
vulnerability VCID-bfmx-cwap-8yhp
22
vulnerability VCID-bjnq-q2nd-1khp
23
vulnerability VCID-cvqm-kjhx-q7ej
24
vulnerability VCID-czph-uxwr-5uge
25
vulnerability VCID-duna-st9c-mqbk
26
vulnerability VCID-ea5s-xphb-6ub7
27
vulnerability VCID-eaqp-7abt-6kg9
28
vulnerability VCID-eu27-a3px-87ed
29
vulnerability VCID-fs9k-21es-rygd
30
vulnerability VCID-fsex-f512-pudv
31
vulnerability VCID-fumj-9pun-zfc5
32
vulnerability VCID-gdz8-d8j3-nqdh
33
vulnerability VCID-h8xn-n98n-qqdv
34
vulnerability VCID-hbky-xx53-vkct
35
vulnerability VCID-hck4-emsr-q7dc
36
vulnerability VCID-j3t3-svwb-p7bn
37
vulnerability VCID-jcq6-btgz-fkf6
38
vulnerability VCID-k1bh-ymgt-e7cd
39
vulnerability VCID-k6pw-51st-b3d2
40
vulnerability VCID-k73h-z6j8-gkgz
41
vulnerability VCID-krn6-pwk5-ake2
42
vulnerability VCID-kzwd-2e6n-fkbm
43
vulnerability VCID-m3np-aebb-8qaa
44
vulnerability VCID-m4zv-e3dn-budf
45
vulnerability VCID-mkfz-e1ft-2bcw
46
vulnerability VCID-nntc-dsz1-e3fp
47
vulnerability VCID-q3wv-9hj6-vbgt
48
vulnerability VCID-qhv1-wgpm-7fh6
49
vulnerability VCID-qpu2-8paz-7ydv
50
vulnerability VCID-qxyw-7hnt-hqd6
51
vulnerability VCID-r6kn-b963-eqge
52
vulnerability VCID-r88h-mteg-yka9
53
vulnerability VCID-rdfn-52p2-afa7
54
vulnerability VCID-s5cy-eva4-wbaf
55
vulnerability VCID-s6uu-335k-yfbc
56
vulnerability VCID-ucg8-htfc-2bhn
57
vulnerability VCID-uptz-tj66-7yfk
58
vulnerability VCID-uvgt-7m5a-xkdc
59
vulnerability VCID-v4qm-48kk-pfaz
60
vulnerability VCID-v7zm-cw8w-6yf8
61
vulnerability VCID-vb67-yux5-ayhf
62
vulnerability VCID-vda3-4fgr-gfbw
63
vulnerability VCID-vfp6-4h8n-bkax
64
vulnerability VCID-vrfy-36yc-muhr
65
vulnerability VCID-vs2j-b4qg-nbgu
66
vulnerability VCID-vwyj-z4gf-8fg5
67
vulnerability VCID-w9ca-exua-g7ar
68
vulnerability VCID-x7rg-rsb5-pya7
69
vulnerability VCID-xmm4-zw49-3feh
70
vulnerability VCID-xnmk-jah2-ufce
71
vulnerability VCID-y8up-cqtu-jkdw
72
vulnerability VCID-yghg-775s-vber
73
vulnerability VCID-zjrq-np3y-hua5
74
vulnerability VCID-zwkk-zazw-6fgg
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.0
References
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-29409
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-29409
1
reference_url http://openwall.com/lists/oss-security/2014/03/17/1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://openwall.com/lists/oss-security/2014/03/17/1
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0125
reference_id
reference_type
scores
0
value 0.00201
scoring_system epss
scoring_elements 0.421
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0125
3
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
4
reference_url https://github.com/moodle/moodle/commit/4bc5dd32178cbaa62c466f74bf6d0ebafb697818
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/4bc5dd32178cbaa62c466f74bf6d0ebafb697818
5
reference_url https://github.com/moodle/moodle/commit/a71a6de914bec01df4268d0547c7a52917c4192f
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/a71a6de914bec01df4268d0547c7a52917c4192f
6
reference_url https://github.com/moodle/moodle/commit/ee8f17db890d7fa1bfc2cfd49ff8d21b41d29331
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/ee8f17db890d7fa1bfc2cfd49ff8d21b41d29331
7
reference_url https://github.com/moodle/moodle/commit/f4f0aa27d43527c15070d00bc96be879876ccc38
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/f4f0aa27d43527c15070d00bc96be879876ccc38
8
reference_url https://moodle.org/mod/forum/discuss.php?d=256422
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=256422
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-0125
reference_id CVE-2014-0125
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-0125
10
reference_url https://github.com/advisories/GHSA-j465-7mp6-3xg3
reference_id GHSA-j465-7mp6-3xg3
reference_type
scores
url https://github.com/advisories/GHSA-j465-7mp6-3xg3
Weaknesses
0
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
1
cwe_id 264
name Permissions, Privileges, and Access Controls
description Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.
2
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
Exploits
Severity_range_score4.0 - 6.9
Exploitability0.5
Weighted_severity6.2
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-88pw-zwqn-cqfd