VulnerableCode Package Details - pkg:composer/moodle/moodle@4.1.21

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-2h6c-6mgm-akc2	Moodle vulnerable to brute-force password guesses Moodle's mobile and web service authentication endpoints did not sufficiently restrict repeated password attempts, making them susceptible to brute-force attacks.	CVE-2025-62399 GHSA-m58f-9pvv-8mp2
VCID-a6w6-penj-kuds	Moodle has a time restriction bypass An issue in Moodle's timed assignment feature allowed students to bypass the time restriction, potentially giving them more time than allowed to complete an assessment.	CVE-2025-62401 GHSA-w29j-8phw-ffjf
VCID-fcf4-tf5h-hfcr	Moodle exposed the names of hidden groups to users who had permission to create calendar events but not to view hidden groups. This could reveal private or restricted group information.	CVE-2025-62400 GHSA-422v-w6c5-vq42

Vulnerability

Summary

Aliases

VCID-2h6c-6mgm-akc2

Moodle vulnerable to brute-force password guesses Moodle's mobile and web service authentication endpoints did not sufficiently restrict repeated password attempts, making them susceptible to brute-force attacks.

CVE-2025-62399
GHSA-m58f-9pvv-8mp2

VCID-a6w6-penj-kuds

Moodle has a time restriction bypass An issue in Moodle's timed assignment feature allowed students to bypass the time restriction, potentially giving them more time than allowed to complete an assessment.

CVE-2025-62401
GHSA-w29j-8phw-ffjf

VCID-fcf4-tf5h-hfcr

Moodle exposed the names of hidden groups to users who had permission to create calendar events but not to view hidden groups. This could reveal private or restricted group information.

CVE-2025-62400
GHSA-422v-w6c5-vq42

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-05-31T01:05:43.351039+00:00	GHSA Importer	Fixing	VCID-2h6c-6mgm-akc2	https://github.com/advisories/GHSA-m58f-9pvv-8mp2	38.6.0
2026-05-31T01:05:43.309325+00:00	GHSA Importer	Fixing	VCID-a6w6-penj-kuds	https://github.com/advisories/GHSA-w29j-8phw-ffjf	38.6.0
2026-05-31T01:05:43.094323+00:00	GHSA Importer	Fixing	VCID-fcf4-tf5h-hfcr	https://github.com/advisories/GHSA-422v-w6c5-vq42	38.6.0
2026-05-30T21:04:32.138773+00:00	GitLab Importer	Fixing	VCID-a6w6-penj-kuds	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/moodle/moodle/CVE-2025-62401.yml	38.6.0
2026-05-30T21:04:32.035472+00:00	GitLab Importer	Fixing	VCID-fcf4-tf5h-hfcr	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/moodle/moodle/CVE-2025-62400.yml	38.6.0
2026-05-30T21:04:31.485664+00:00	GitLab Importer	Fixing	VCID-2h6c-6mgm-akc2	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/moodle/moodle/CVE-2025-62399.yml	38.6.0