Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/62060?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/62060?format=api", "purl": "pkg:composer/moodle/moodle@2.6.4", "type": "composer", "namespace": "moodle", "name": "moodle", "version": "2.6.4", "qualifiers": {}, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "2.6.6", "latest_non_vulnerable_version": "5.1.2", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43548?format=api", "vulnerability_id": "VCID-1ehh-qz6c-ykhp", "summary": "Moodle allows attackers to obtain username and course information\nMoodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 does not enforce certain capability requirements in (1) notes/index.php and (2) user/edit.php, which allows remote attackers to obtain potentially sensitive username and course information via a modified URL.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45760", "reference_id": "", "reference_type": "", "scores": [], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45760" }, { "reference_url": "http://openwall.com/lists/oss-security/2014/07/21/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://openwall.com/lists/oss-security/2014/07/21/1" }, { "reference_url": "https://github.com/moodle/moodle/commit/2ca9e09dab3ff374e1026780b23c63751f4ee312", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/moodle/moodle/commit/2ca9e09dab3ff374e1026780b23c63751f4ee312" }, { "reference_url": "https://github.com/moodle/moodle/commit/74556525de9617c593c3e08269d6d541c6576c90", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/moodle/moodle/commit/74556525de9617c593c3e08269d6d541c6576c90" }, { "reference_url": "https://github.com/moodle/moodle/commit/8f7d596058a18c60b795b4677b59cf074c56de39", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/moodle/moodle/commit/8f7d596058a18c60b795b4677b59cf074c56de39" }, { "reference_url": "https://github.com/moodle/moodle/commit/9dbf62d23017a91fcbf63bba7f2eb4835f77b8c9", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/moodle/moodle/commit/9dbf62d23017a91fcbf63bba7f2eb4835f77b8c9" }, { "reference_url": "https://github.com/moodle/moodle/commit/dc97145785b9ae192168659c65309bca61a58151", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/moodle/moodle/commit/dc97145785b9ae192168659c65309bca61a58151" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=264267", "reference_id": "", "reference_type": "", "scores": [], "url": "https://moodle.org/mod/forum/discuss.php?d=264267" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3546", "reference_id": "CVE-2014-3546", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3546" }, { "reference_url": "https://github.com/advisories/GHSA-4c5g-w3gf-rf4f", "reference_id": "GHSA-4c5g-w3gf-rf4f", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-4c5g-w3gf-rf4f" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/62209?format=api", "purl": "pkg:composer/moodle/moodle@2.4.11", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.4.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/62059?format=api", "purl": "pkg:composer/moodle/moodle@2.5.7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.5.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/62060?format=api", "purl": "pkg:composer/moodle/moodle@2.6.4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/62061?format=api", "purl": "pkg:composer/moodle/moodle@2.7.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.1" } ], "aliases": [ "CVE-2014-3546", "GHSA-4c5g-w3gf-rf4f" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1ehh-qz6c-ykhp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43321?format=api", "vulnerability_id": "VCID-czph-uxwr-5uge", "summary": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nMultiple cross-site scripting (XSS) vulnerabilities in badges/renderer.php in Moodle 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allow remote attackers to inject arbitrary web script or HTML via an external badge.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-46042", "reference_id": "", "reference_type": "", "scores": [], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-46042" }, { "reference_url": "http://openwall.com/lists/oss-security/2014/07/21/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://openwall.com/lists/oss-security/2014/07/21/1" }, { "reference_url": "https://github.com/moodle/moodle/commit/0174a0a57f6d84e240dd0bc0df0ffa63c3cc5a88", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/moodle/moodle/commit/0174a0a57f6d84e240dd0bc0df0ffa63c3cc5a88" }, { "reference_url": "https://github.com/moodle/moodle/commit/200a2b7fad3f7ef92b3171a07d68df6958d842b7", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/moodle/moodle/commit/200a2b7fad3f7ef92b3171a07d68df6958d842b7" }, { "reference_url": "https://github.com/moodle/moodle/commit/9eef6b5237520f0cb9874564e577c64e3a831987", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/moodle/moodle/commit/9eef6b5237520f0cb9874564e577c64e3a831987" }, { "reference_url": "https://github.com/moodle/moodle/commit/ea76b652fc4f3600403a61e54f198cc8570a4234", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/moodle/moodle/commit/ea76b652fc4f3600403a61e54f198cc8570a4234" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=264269", "reference_id": "", "reference_type": "", "scores": [], "url": "https://moodle.org/mod/forum/discuss.php?d=264269" }, { "reference_url": "http://www.securityfocus.com/bid/68758", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/68758" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3547", "reference_id": "CVE-2014-3547", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3547" }, { "reference_url": "https://github.com/advisories/GHSA-hwjv-mc78-cccj", "reference_id": "GHSA-hwjv-mc78-cccj", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-hwjv-mc78-cccj" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/62059?format=api", "purl": "pkg:composer/moodle/moodle@2.5.7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.5.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/62060?format=api", "purl": "pkg:composer/moodle/moodle@2.6.4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/62061?format=api", "purl": "pkg:composer/moodle/moodle@2.7.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.1" } ], "aliases": [ "CVE-2014-3547", "GHSA-hwjv-mc78-cccj" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-czph-uxwr-5uge" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43463?format=api", "vulnerability_id": "VCID-ea5s-xphb-6ub7", "summary": "Exposure of Sensitive Information to an Unauthorized Actor\nmod/lti/service.php in Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allows remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45463", "reference_id": "", "reference_type": "", "scores": [], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45463" }, { "reference_url": "http://openwall.com/lists/oss-security/2014/07/21/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://openwall.com/lists/oss-security/2014/07/21/1" }, { "reference_url": "https://github.com/moodle/moodle/commit/78ed99ec7e5e75b283e844adb058140d6ba0ff14", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/moodle/moodle/commit/78ed99ec7e5e75b283e844adb058140d6ba0ff14" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=264263", "reference_id": "", "reference_type": "", "scores": [], "url": "https://moodle.org/mod/forum/discuss.php?d=264263" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3542", "reference_id": "CVE-2014-3542", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3542" }, { "reference_url": "https://github.com/advisories/GHSA-xmwv-mqh8-4xgw", "reference_id": "GHSA-xmwv-mqh8-4xgw", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-xmwv-mqh8-4xgw" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/62209?format=api", "purl": "pkg:composer/moodle/moodle@2.4.11", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.4.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/62059?format=api", "purl": "pkg:composer/moodle/moodle@2.5.7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.5.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/62060?format=api", "purl": "pkg:composer/moodle/moodle@2.6.4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/62061?format=api", "purl": "pkg:composer/moodle/moodle@2.7.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.1" } ], "aliases": [ "CVE-2014-3542", "GHSA-xmwv-mqh8-4xgw" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ea5s-xphb-6ub7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43392?format=api", "vulnerability_id": "VCID-h8xn-n98n-qqdv", "summary": "Exposure of Sensitive Information to an Unauthorized Actor\nmod/imscp/locallib.php in Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allows remote attackers to read arbitrary files via a package with a manifest file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue affecting IMSCP resources and the IMSCC format.", "references": [ { "reference_url": "http://openwall.com/lists/oss-security/2014/07/21/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://openwall.com/lists/oss-security/2014/07/21/1" }, { "reference_url": "https://github.com/moodle/moodle/commit/595ef4772d330a20c757635ab090acdcc9b2a2fa", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/moodle/moodle/commit/595ef4772d330a20c757635ab090acdcc9b2a2fa" }, { "reference_url": "https://git.moodle.org/gw?p=moodle.git;a=commit;h=595ef4772d330a20c757635ab090acdcc9b2a2fa", "reference_id": "", "reference_type": "", "scores": [], "url": "https://git.moodle.org/gw?p=moodle.git;a=commit;h=595ef4772d330a20c757635ab090acdcc9b2a2fa" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=264264", "reference_id": "", "reference_type": "", "scores": [], "url": "https://moodle.org/mod/forum/discuss.php?d=264264" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3543", "reference_id": "CVE-2014-3543", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3543" }, { "reference_url": "https://github.com/advisories/GHSA-27j2-c838-c3qg", "reference_id": "GHSA-27j2-c838-c3qg", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-27j2-c838-c3qg" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/62209?format=api", "purl": "pkg:composer/moodle/moodle@2.4.11", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.4.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/62059?format=api", "purl": "pkg:composer/moodle/moodle@2.5.7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.5.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/62060?format=api", "purl": "pkg:composer/moodle/moodle@2.6.4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/62061?format=api", "purl": "pkg:composer/moodle/moodle@2.7.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.1" } ], "aliases": [ "CVE-2014-3543", "GHSA-27j2-c838-c3qg" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h8xn-n98n-qqdv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43779?format=api", "vulnerability_id": "VCID-qxyw-7hnt-hqd6", "summary": "Improper Control of Generation of Code ('Code Injection')\nMoodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allows remote authenticated users to execute arbitrary code via a calculated question in a quiz.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-46148", "reference_id": "", "reference_type": "", "scores": [], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-46148" }, { "reference_url": "http://openwall.com/lists/oss-security/2014/07/21/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://openwall.com/lists/oss-security/2014/07/21/1" }, { "reference_url": "https://github.com/moodle/moodle/blob/1474f74687dda57c7d011b92d16f25b9870d2799/question/type/calculated/question.php#L426", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/moodle/moodle/blob/1474f74687dda57c7d011b92d16f25b9870d2799/question/type/calculated/question.php#L426" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=264266", "reference_id": "", "reference_type": "", "scores": [], "url": "https://moodle.org/mod/forum/discuss.php?d=264266" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3545", "reference_id": "CVE-2014-3545", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3545" }, { "reference_url": "https://github.com/advisories/GHSA-3m99-h3hp-w9j7", "reference_id": "GHSA-3m99-h3hp-w9j7", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-3m99-h3hp-w9j7" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/62209?format=api", "purl": "pkg:composer/moodle/moodle@2.4.11", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.4.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/62059?format=api", "purl": "pkg:composer/moodle/moodle@2.5.7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.5.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/62060?format=api", "purl": "pkg:composer/moodle/moodle@2.6.4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/62061?format=api", "purl": "pkg:composer/moodle/moodle@2.7.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.1" } ], "aliases": [ "CVE-2014-3545", "GHSA-3m99-h3hp-w9j7" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qxyw-7hnt-hqd6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43446?format=api", "vulnerability_id": "VCID-r88h-mteg-yka9", "summary": "Improper Control of Generation of Code ('Code Injection')\nThe Repositories component in Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allows remote attackers to conduct PHP object injection attacks and execute arbitrary code via serialized data associated with an add-on.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45616", "reference_id": "", "reference_type": "", "scores": [], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45616" }, { "reference_url": "http://openwall.com/lists/oss-security/2014/07/21/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://openwall.com/lists/oss-security/2014/07/21/1" }, { "reference_url": "https://github.com/moodle/moodle/commit/3fe105953d14766393e24372806fcf0a2b77c96d", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/moodle/moodle/commit/3fe105953d14766393e24372806fcf0a2b77c96d" }, { "reference_url": "https://github.com/moodle/moodle/commit/40d52d4067c2ee062a5b16c780753c6f97413894", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/moodle/moodle/commit/40d52d4067c2ee062a5b16c780753c6f97413894" }, { "reference_url": "https://github.com/moodle/moodle/commit/5c4ef26c39d3106315f74c26cdcca779ba74254c", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/moodle/moodle/commit/5c4ef26c39d3106315f74c26cdcca779ba74254c" }, { "reference_url": "https://github.com/moodle/moodle/commit/61961447c29d48e5a494e7c02e653d6ff00551b2", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/moodle/moodle/commit/61961447c29d48e5a494e7c02e653d6ff00551b2" }, { "reference_url": "https://github.com/moodle/moodle/commit/68170f0b01ccaade799c4cab2312ce6a825fb844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/moodle/moodle/commit/68170f0b01ccaade799c4cab2312ce6a825fb844" }, { "reference_url": "https://github.com/moodle/moodle/commit/7bcf9b1e2cbdd1e877b828da75b17e3f8318fafc", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/moodle/moodle/commit/7bcf9b1e2cbdd1e877b828da75b17e3f8318fafc" }, { "reference_url": "https://github.com/moodle/moodle/commit/867f40990bde6152e01604d106ddac8433018f42", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/moodle/moodle/commit/867f40990bde6152e01604d106ddac8433018f42" }, { "reference_url": "https://github.com/moodle/moodle/commit/cb2b42aed8d9ce3c9840ad825f2e0e7e81bfad91", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/moodle/moodle/commit/cb2b42aed8d9ce3c9840ad825f2e0e7e81bfad91" }, { "reference_url": "https://github.com/moodle/moodle/commit/e29bb97c0756de511ba287b40790d8275a991d33", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/moodle/moodle/commit/e29bb97c0756de511ba287b40790d8275a991d33" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=264262", "reference_id": "", "reference_type": "", "scores": [], "url": "https://moodle.org/mod/forum/discuss.php?d=264262" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3541", "reference_id": "CVE-2014-3541", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3541" }, { "reference_url": "https://github.com/advisories/GHSA-fccf-p8fx-vjj4", "reference_id": "GHSA-fccf-p8fx-vjj4", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-fccf-p8fx-vjj4" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/62209?format=api", "purl": "pkg:composer/moodle/moodle@2.4.11", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.4.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/62059?format=api", "purl": "pkg:composer/moodle/moodle@2.5.7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.5.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/62060?format=api", "purl": "pkg:composer/moodle/moodle@2.6.4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/62061?format=api", "purl": "pkg:composer/moodle/moodle@2.7.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.1" } ], "aliases": [ "CVE-2014-3541", "GHSA-fccf-p8fx-vjj4" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r88h-mteg-yka9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43448?format=api", "vulnerability_id": "VCID-s5cy-eva4-wbaf", "summary": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nMultiple cross-site scripting (XSS) vulnerabilities in the advanced-grading implementation in Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) qualification or (2) rating field in a rubric.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-46223", "reference_id": "", "reference_type": "", "scores": [], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-46223" }, { "reference_url": "http://openwall.com/lists/oss-security/2014/07/21/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://openwall.com/lists/oss-security/2014/07/21/1" }, { "reference_url": "https://github.com/moodle/moodle/commit/1f8eb0842835bcd1ea72b2d2982e0b5c8bc133bb", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/moodle/moodle/commit/1f8eb0842835bcd1ea72b2d2982e0b5c8bc133bb" }, { "reference_url": "https://github.com/moodle/moodle/commit/2c0b608cda12540de79aac0ee6952dda2c8ed947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/moodle/moodle/commit/2c0b608cda12540de79aac0ee6952dda2c8ed947" }, { "reference_url": "https://github.com/moodle/moodle/commit/470a466d7f1e0aef030ad2178bbef5a81765c42e", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/moodle/moodle/commit/470a466d7f1e0aef030ad2178bbef5a81765c42e" }, { "reference_url": "https://github.com/moodle/moodle/commit/4fc5861cbacdc2f4197faebd3d207d2811e0f09f", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/moodle/moodle/commit/4fc5861cbacdc2f4197faebd3d207d2811e0f09f" }, { "reference_url": "https://github.com/moodle/moodle/commit/555ee08b17dfe09e02391be137f60fe38c0a7865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/moodle/moodle/commit/555ee08b17dfe09e02391be137f60fe38c0a7865" }, { "reference_url": "https://github.com/moodle/moodle/commit/666248c264642e5ca27601b347fc6913517e2853", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/moodle/moodle/commit/666248c264642e5ca27601b347fc6913517e2853" }, { "reference_url": "https://github.com/moodle/moodle/commit/68299e6154ae41b7e586904fd1b860cad7f65654", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/moodle/moodle/commit/68299e6154ae41b7e586904fd1b860cad7f65654" }, { "reference_url": "https://github.com/moodle/moodle/commit/72d1a3ab0b002a9a5f32f3c2b61ffc9fa7f7b789", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/moodle/moodle/commit/72d1a3ab0b002a9a5f32f3c2b61ffc9fa7f7b789" }, { "reference_url": "https://github.com/moodle/moodle/commit/7f4db6f4d9014370df0265ab846ad76235af0cae", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/moodle/moodle/commit/7f4db6f4d9014370df0265ab846ad76235af0cae" }, { "reference_url": "https://github.com/moodle/moodle/commit/8380722bb11f36d33308580aee169e161d3f2c14", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/moodle/moodle/commit/8380722bb11f36d33308580aee169e161d3f2c14" }, { "reference_url": "https://github.com/moodle/moodle/commit/8ecc049f7f020086c1881bdf573af16cf2d9f9c9", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/moodle/moodle/commit/8ecc049f7f020086c1881bdf573af16cf2d9f9c9" }, { "reference_url": "https://github.com/moodle/moodle/commit/98d5566c2270e21cbfaf1f4e8d61039f05d6aae2", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/moodle/moodle/commit/98d5566c2270e21cbfaf1f4e8d61039f05d6aae2" }, { "reference_url": "https://github.com/moodle/moodle/commit/b5dacb548800ee10d4940c8ebeca48c3c2ae0512", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/moodle/moodle/commit/b5dacb548800ee10d4940c8ebeca48c3c2ae0512" }, { "reference_url": "https://github.com/moodle/moodle/commit/db5a6e6560c963849f8807184ca32efee6779264", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/moodle/moodle/commit/db5a6e6560c963849f8807184ca32efee6779264" }, { "reference_url": "https://github.com/moodle/moodle/commit/e42b6e20bdd5d6f09bc09be22fd7f20736e27085", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/moodle/moodle/commit/e42b6e20bdd5d6f09bc09be22fd7f20736e27085" }, { "reference_url": "https://github.com/moodle/moodle/commit/eb1381de1dbcce0215dcdd62cfac4fe287beed4e", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/moodle/moodle/commit/eb1381de1dbcce0215dcdd62cfac4fe287beed4e" }, { "reference_url": "https://github.com/moodle/moodle/commit/f25f472be425d6ef8aa587648dafda1bd4d1c5d8", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/moodle/moodle/commit/f25f472be425d6ef8aa587648dafda1bd4d1c5d8" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=264273", "reference_id": "", "reference_type": "", "scores": [], "url": "https://moodle.org/mod/forum/discuss.php?d=264273" }, { "reference_url": "https://web.archive.org/web/20200228170658/http://www.securityfocus.com/bid/68763", "reference_id": "", "reference_type": "", "scores": [], "url": "https://web.archive.org/web/20200228170658/http://www.securityfocus.com/bid/68763" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3551", "reference_id": "CVE-2014-3551", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3551" }, { "reference_url": "https://github.com/advisories/GHSA-m8f5-9wg8-2c3h", "reference_id": "GHSA-m8f5-9wg8-2c3h", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-m8f5-9wg8-2c3h" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/62209?format=api", "purl": "pkg:composer/moodle/moodle@2.4.11", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.4.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/62059?format=api", "purl": "pkg:composer/moodle/moodle@2.5.7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.5.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/62060?format=api", "purl": "pkg:composer/moodle/moodle@2.6.4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/62061?format=api", "purl": "pkg:composer/moodle/moodle@2.7.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.1" } ], "aliases": [ "CVE-2014-3551", "GHSA-m8f5-9wg8-2c3h" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s5cy-eva4-wbaf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43506?format=api", "vulnerability_id": "VCID-ucg8-htfc-2bhn", "summary": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nCross-site scripting (XSS) vulnerability in user/profile.php in Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allows remote authenticated users to inject arbitrary web script or HTML via the Skype ID profile field.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45683", "reference_id": "", "reference_type": "", "scores": [], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45683" }, { "reference_url": "http://openwall.com/lists/oss-security/2014/07/21/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://openwall.com/lists/oss-security/2014/07/21/1" }, { "reference_url": "http://osandamalith.wordpress.com/2014/07/25/moodle-2-7-persistent-xss/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://osandamalith.wordpress.com/2014/07/25/moodle-2-7-persistent-xss/" }, { "reference_url": "http://osvdb.org/show/osvdb/109337", "reference_id": "", "reference_type": "", "scores": [], "url": "http://osvdb.org/show/osvdb/109337" }, { "reference_url": "http://packetstormsecurity.com/files/127624/Moodle-2.7-Cross-Site-Scripting.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://packetstormsecurity.com/files/127624/Moodle-2.7-Cross-Site-Scripting.html" }, { "reference_url": "https://github.com/moodle/moodle/commit/0207466e778baebff21c7b72bc688761f9c5b0d9", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/moodle/moodle/commit/0207466e778baebff21c7b72bc688761f9c5b0d9" }, { "reference_url": "https://github.com/moodle/moodle/commit/739d227c58886e9a1be1426ed66053f1d37ee9a9", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/moodle/moodle/commit/739d227c58886e9a1be1426ed66053f1d37ee9a9" }, { "reference_url": "https://github.com/moodle/moodle/commit/ce5a785b0962c3c94c7a7b0d36176482d21db95d", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/moodle/moodle/commit/ce5a785b0962c3c94c7a7b0d36176482d21db95d" }, { "reference_url": "https://github.com/moodle/moodle/commit/f7b6562f20f6af4119c7775477cffbaa83229f74", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/moodle/moodle/commit/f7b6562f20f6af4119c7775477cffbaa83229f74" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=264265", "reference_id": "", "reference_type": "", "scores": [], "url": "https://moodle.org/mod/forum/discuss.php?d=264265" }, { "reference_url": "http://www.exploit-db.com/exploits/34169", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.exploit-db.com/exploits/34169" }, { "reference_url": "http://www.securityfocus.com/bid/68756", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/68756" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3544", "reference_id": "CVE-2014-3544", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3544" }, { "reference_url": "https://github.com/advisories/GHSA-c9jp-244j-vh78", "reference_id": "GHSA-c9jp-244j-vh78", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-c9jp-244j-vh78" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/62209?format=api", "purl": "pkg:composer/moodle/moodle@2.4.11", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.4.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/62059?format=api", "purl": "pkg:composer/moodle/moodle@2.5.7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.5.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/62060?format=api", "purl": "pkg:composer/moodle/moodle@2.6.4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/62061?format=api", "purl": "pkg:composer/moodle/moodle@2.7.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.1" } ], "aliases": [ "CVE-2014-3544", "GHSA-c9jp-244j-vh78" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ucg8-htfc-2bhn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43628?format=api", "vulnerability_id": "VCID-v4qm-48kk-pfaz", "summary": "Moodle does not enforce the moodle/site:accessallgroups capability requirement\nmod/forum/classes/post_form.php in Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 does not enforce the moodle/site:accessallgroups capability requirement before proceeding with a post to all groups, which allows remote authenticated users to bypass intended access restrictions by leveraging two or more group memberships.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-38990", "reference_id": "", "reference_type": "", "scores": [], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-38990" }, { "reference_url": "http://openwall.com/lists/oss-security/2014/07/21/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://openwall.com/lists/oss-security/2014/07/21/1" }, { "reference_url": "https://github.com/moodle/moodle/commit/5c74e0daca748ffbbbf17a410abd8c85335b2116", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/moodle/moodle/commit/5c74e0daca748ffbbbf17a410abd8c85335b2116" }, { "reference_url": "https://github.com/moodle/moodle/commit/91c8d4da71a6706c70071f9182e8ae6110c86d70", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/moodle/moodle/commit/91c8d4da71a6706c70071f9182e8ae6110c86d70" }, { "reference_url": "https://github.com/moodle/moodle/commit/e3fd900dcda7b603d7e0749008abd0d01290bbc3", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/moodle/moodle/commit/e3fd900dcda7b603d7e0749008abd0d01290bbc3" }, { "reference_url": "https://github.com/moodle/moodle/commit/f2946a5419a94f19cb3490a249fe0bb50161f254", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/moodle/moodle/commit/f2946a5419a94f19cb3490a249fe0bb50161f254" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=264268", "reference_id": "", "reference_type": "", "scores": [], "url": "https://moodle.org/mod/forum/discuss.php?d=264268" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3553", "reference_id": "CVE-2014-3553", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3553" }, { "reference_url": "https://github.com/advisories/GHSA-mg69-5q59-8jcg", "reference_id": "GHSA-mg69-5q59-8jcg", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-mg69-5q59-8jcg" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/62059?format=api", "purl": "pkg:composer/moodle/moodle@2.5.7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.5.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/62060?format=api", "purl": "pkg:composer/moodle/moodle@2.6.4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/62061?format=api", "purl": "pkg:composer/moodle/moodle@2.7.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.1" } ], "aliases": [ "CVE-2014-3553", "GHSA-mg69-5q59-8jcg" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v4qm-48kk-pfaz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43785?format=api", "vulnerability_id": "VCID-vs2j-b4qg-nbgu", "summary": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nMultiple cross-site scripting (XSS) vulnerabilities in Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allow remote attackers to inject arbitrary web script or HTML via vectors that trigger an AJAX exception dialog.", "references": [ { "reference_url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45471", "reference_id": "", "reference_type": "", "scores": [], "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45471" }, { "reference_url": "http://openwall.com/lists/oss-security/2014/07/21/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://openwall.com/lists/oss-security/2014/07/21/1" }, { "reference_url": "https://github.com/moodle/moodle/commit/166e18d7cbb36d58d08a2783edd98284d5a3b98a", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/moodle/moodle/commit/166e18d7cbb36d58d08a2783edd98284d5a3b98a" }, { "reference_url": "https://github.com/moodle/moodle/commit/53ca351f7af8d80a0ff0aba27a1c278fb731d288", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/moodle/moodle/commit/53ca351f7af8d80a0ff0aba27a1c278fb731d288" }, { "reference_url": "https://github.com/moodle/moodle/commit/6eb787b873f5d3718dc8a74f798ee528d600d8fe", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/moodle/moodle/commit/6eb787b873f5d3718dc8a74f798ee528d600d8fe" }, { "reference_url": "https://github.com/moodle/moodle/commit/a1ae35173b54ed0c2c3736dfa78cad9899a55d4e", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/moodle/moodle/commit/a1ae35173b54ed0c2c3736dfa78cad9899a55d4e" }, { "reference_url": "https://moodle.org/mod/forum/discuss.php?d=264270", "reference_id": "", "reference_type": "", "scores": [], "url": "https://moodle.org/mod/forum/discuss.php?d=264270" }, { "reference_url": "https://web.archive.org/web/20200228161543/http://www.securityfocus.com/bid/68766", "reference_id": "", "reference_type": "", "scores": [], "url": "https://web.archive.org/web/20200228161543/http://www.securityfocus.com/bid/68766" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3548", "reference_id": "CVE-2014-3548", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3548" }, { "reference_url": "https://github.com/advisories/GHSA-f66h-6mj2-rwj2", "reference_id": "GHSA-f66h-6mj2-rwj2", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-f66h-6mj2-rwj2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/62209?format=api", "purl": "pkg:composer/moodle/moodle@2.4.11", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.4.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/62059?format=api", "purl": "pkg:composer/moodle/moodle@2.5.7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.5.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/62060?format=api", "purl": "pkg:composer/moodle/moodle@2.6.4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/62061?format=api", "purl": "pkg:composer/moodle/moodle@2.7.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.1" } ], "aliases": [ "CVE-2014-3548", "GHSA-f66h-6mj2-rwj2" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vs2j-b4qg-nbgu" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.4" }