Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/60269?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/60269?format=api", "purl": "pkg:composer/moodle/moodle@3.9.12", "type": "composer", "namespace": "moodle", "name": "moodle", "version": "3.9.12", "qualifiers": {}, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "3.9.13", "latest_non_vulnerable_version": "5.1.2", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42179?format=api", "vulnerability_id": "VCID-57wg-wxss-jbaw", "summary": "Incorrect Authorization\nThe `calendar:manageentries` capability allowed managers to access or modify any calendar event, but should have been restricted from accessing user level events.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0333", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0025", "scoring_system": "epss", "scoring_elements": "0.48421", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0333" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2043663", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2043663" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/2ee27313cea0d7073f5a6a35eccdfddcb3a9adad", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/2ee27313cea0d7073f5a6a35eccdfddcb3a9adad" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=431100", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=431100" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0333", "reference_id": "CVE-2022-0333", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0333" }, { "reference_url": "https://github.com/advisories/GHSA-m434-m5pv-p35w", "reference_id": "GHSA-m434-m5pv-p35w", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-m434-m5pv-p35w" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/59620?format=api", "purl": "pkg:composer/moodle/moodle@3.9.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hk13-uc46-87h1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/60269?format=api", "purl": "pkg:composer/moodle/moodle@3.9.12", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/59621?format=api", "purl": "pkg:composer/moodle/moodle@3.10.8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/60270?format=api", "purl": "pkg:composer/moodle/moodle@3.10.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-95f1-6g3r-rkg4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/60265?format=api", "purl": "pkg:composer/moodle/moodle@3.11.5", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.11.5" } ], "aliases": [ "CVE-2022-0333", "GHSA-m434-m5pv-p35w" ], "risk_score": 1.7, "exploitability": "0.5", "weighted_severity": "3.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-57wg-wxss-jbaw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42176?format=api", "vulnerability_id": "VCID-hk13-uc46-87h1", "summary": "Exposure of Resource to Wrong Sphere\nInsufficient capability checks could lead to users accessing their grade report for courses where they does not have the required `gradereport/user:view` capability.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0334", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35057", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0334" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2043664", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2043664" }, { "reference_url": "https://github.com/moodle/moodle/commit/1964d68f8500ea3c7b776fa8a2af6266ed109f84", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/1964d68f8500ea3c7b776fa8a2af6266ed109f84" }, { "reference_url": "https://github.com/moodle/moodle/commit/6d18f136ae88ec97e351a723df570816a959ec68", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/6d18f136ae88ec97e351a723df570816a959ec68" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=431102", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=431102" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0334", "reference_id": "CVE-2022-0334", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0334" }, { "reference_url": "https://github.com/advisories/GHSA-93pj-4p65-qmr9", "reference_id": "GHSA-93pj-4p65-qmr9", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-93pj-4p65-qmr9" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/59620?format=api", "purl": "pkg:composer/moodle/moodle@3.9.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hk13-uc46-87h1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/60269?format=api", "purl": "pkg:composer/moodle/moodle@3.9.12", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/59621?format=api", "purl": "pkg:composer/moodle/moodle@3.10.8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/60270?format=api", "purl": "pkg:composer/moodle/moodle@3.10.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-95f1-6g3r-rkg4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/60265?format=api", "purl": "pkg:composer/moodle/moodle@3.11.5", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.11.5" } ], "aliases": [ "CVE-2022-0334", "GHSA-93pj-4p65-qmr9" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hk13-uc46-87h1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42180?format=api", "vulnerability_id": "VCID-qfvz-hf8h-8bb3", "summary": "Cross-Site Request Forgery (CSRF)\nThe `delete badge alignment` functionality does not include the necessary token check to prevent a CSRF risk.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0335", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.28796", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0335" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2043666", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2043666" }, { "reference_url": "https://github.com/moodle/moodle", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle" }, { "reference_url": "https://github.com/moodle/moodle/commit/d40cc61eba229c6d1f47b9a525022fbc9136b9f6", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moodle/moodle/commit/d40cc61eba229c6d1f47b9a525022fbc9136b9f6" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=431103", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moodle.org/mod/forum/discuss.php?d=431103" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0335", "reference_id": "CVE-2022-0335", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0335" }, { "reference_url": "https://github.com/advisories/GHSA-xpfv-89vg-r562", "reference_id": "GHSA-xpfv-89vg-r562", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-xpfv-89vg-r562" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/59620?format=api", "purl": "pkg:composer/moodle/moodle@3.9.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-hk13-uc46-87h1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/60269?format=api", "purl": "pkg:composer/moodle/moodle@3.9.12", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/59621?format=api", "purl": "pkg:composer/moodle/moodle@3.10.8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/60270?format=api", "purl": "pkg:composer/moodle/moodle@3.10.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-95f1-6g3r-rkg4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.10.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/60265?format=api", "purl": "pkg:composer/moodle/moodle@3.11.5", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.11.5" } ], "aliases": [ "CVE-2022-0335", "GHSA-xpfv-89vg-r562" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qfvz-hf8h-8bb3" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.9.12" }