Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/moodle/moodle@2.7.4
Typecomposer
Namespacemoodle
Namemoodle
Version2.7.4
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version2.7.5
Latest_non_vulnerable_version5.1.2
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-46jw-xjbu-b3f1
vulnerability_id VCID-46jw-xjbu-b3f1
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site scripting (XSS) vulnerability in course/pending.php in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2.8.x before 2.8.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted course summary.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48368
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48368
1
reference_url http://openwall.com/lists/oss-security/2015/01/19/1
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://openwall.com/lists/oss-security/2015/01/19/1
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url https://github.com/moodle/moodle/commit/38ca8793b6faa6c35176537c8015cc4e76ce73f5
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/38ca8793b6faa6c35176537c8015cc4e76ce73f5
4
reference_url https://github.com/moodle/moodle/commit/7a15c996ebd90c776bae1a77573b95e8a43467b6
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/7a15c996ebd90c776bae1a77573b95e8a43467b6
5
reference_url https://github.com/moodle/moodle/commit/82356399b97be933c4d72f9c55b797e49b8c8232
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/82356399b97be933c4d72f9c55b797e49b8c8232
6
reference_url https://github.com/moodle/moodle/commit/b270bb0d75d2354b7fbf4b8ccf0b995037973684
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/b270bb0d75d2354b7fbf4b8ccf0b995037973684
7
reference_url https://moodle.org/mod/forum/discuss.php?d=278612
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=278612
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-0212
reference_id CVE-2015-0212
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-0212
9
reference_url https://github.com/advisories/GHSA-jj3j-mhgc-g4m4
reference_id GHSA-jj3j-mhgc-g4m4
reference_type
scores
url https://github.com/advisories/GHSA-jj3j-mhgc-g4m4
fixed_packages
0
url pkg:composer/moodle/moodle@2.6.7
purl pkg:composer/moodle/moodle@2.6.7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.7
1
url pkg:composer/moodle/moodle@2.7.4
purl pkg:composer/moodle/moodle@2.7.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.4
2
url pkg:composer/moodle/moodle@2.8.2
purl pkg:composer/moodle/moodle@2.8.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.2
aliases CVE-2015-0212, GHSA-jj3j-mhgc-g4m4
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-46jw-xjbu-b3f1
1
url VCID-5nfq-4syg-87da
vulnerability_id VCID-5nfq-4syg-87da
summary 
Cross-Site Request Forgery (CSRF)
Cross-site request forgery (CSRF) vulnerability in auth/shibboleth/logout.php in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2.8.x before 2.8.2 allows remote attackers to hijack the authentication of arbitrary users for requests that trigger a logout.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47964
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47964
1
reference_url http://openwall.com/lists/oss-security/2015/01/19/1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://openwall.com/lists/oss-security/2015/01/19/1
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url https://github.com/moodle/moodle/commit/371d58d70d4ef866f35e33ea6898007112bfe654
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/371d58d70d4ef866f35e33ea6898007112bfe654
4
reference_url https://github.com/moodle/moodle/commit/693918c30e6b7c95dddd9c5973f98d98342a59d9
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/693918c30e6b7c95dddd9c5973f98d98342a59d9
5
reference_url https://github.com/moodle/moodle/commit/b82b4c562b705ea8f11893d9126889bb696b9612
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/b82b4c562b705ea8f11893d9126889bb696b9612
6
reference_url https://github.com/moodle/moodle/commit/fb60e23a67931eeba8fc9aacf3cc838e462f21f2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/fb60e23a67931eeba8fc9aacf3cc838e462f21f2
7
reference_url https://moodle.org/mod/forum/discuss.php?d=278618
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=278618
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-0218
reference_id CVE-2015-0218
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-0218
9
reference_url https://github.com/advisories/GHSA-5jph-mvfm-r27p
reference_id GHSA-5jph-mvfm-r27p
reference_type
scores
url https://github.com/advisories/GHSA-5jph-mvfm-r27p
fixed_packages
0
url pkg:composer/moodle/moodle@2.6.7
purl pkg:composer/moodle/moodle@2.6.7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.7
1
url pkg:composer/moodle/moodle@2.7.4
purl pkg:composer/moodle/moodle@2.7.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.4
2
url pkg:composer/moodle/moodle@2.8.2
purl pkg:composer/moodle/moodle@2.8.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.2
aliases CVE-2015-0218, GHSA-5jph-mvfm-r27p
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5nfq-4syg-87da
2
url VCID-95mq-m2jz-a3ab
vulnerability_id VCID-95mq-m2jz-a3ab
summary 
Moodle allows attackers to cause a denial of service
filter/mediaplugin/filter.php in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2.8.x before 2.8.2 allows remote authenticated users to cause a denial of service (CPU consumption or partial outage) via a crafted string that is matched against an improper regular expression.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48546
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48546
1
reference_url http://openwall.com/lists/oss-security/2015/01/19/1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://openwall.com/lists/oss-security/2015/01/19/1
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url https://github.com/moodle/moodle/commit/01da07a42be0f69de9f316be6ee8cb25ecd60c19
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/01da07a42be0f69de9f316be6ee8cb25ecd60c19
4
reference_url https://github.com/moodle/moodle/commit/25191bc31187f6381ad9fc690b653414ea3bc6d4
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/25191bc31187f6381ad9fc690b653414ea3bc6d4
5
reference_url https://github.com/moodle/moodle/commit/531492a32cf77f90bc48c4868a5f71dd7040049f
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/531492a32cf77f90bc48c4868a5f71dd7040049f
6
reference_url https://github.com/moodle/moodle/commit/5329d84f0b5767f5bb800b203bfb89753ac35146
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/5329d84f0b5767f5bb800b203bfb89753ac35146
7
reference_url https://github.com/moodle/moodle/commit/63ed941a9363b6da3322df2b8de5be0d1df6d81a
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/63ed941a9363b6da3322df2b8de5be0d1df6d81a
8
reference_url https://github.com/moodle/moodle/commit/70229b7ec718ee3929109c54de74a8d14264a166
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/70229b7ec718ee3929109c54de74a8d14264a166
9
reference_url https://github.com/moodle/moodle/commit/d11969e7775b0fc1a2debf6ec91e42d25b0eeecd
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/d11969e7775b0fc1a2debf6ec91e42d25b0eeecd
10
reference_url https://moodle.org/mod/forum/discuss.php?d=278617
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=278617
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-0217
reference_id CVE-2015-0217
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-0217
12
reference_url https://github.com/advisories/GHSA-p497-37fc-xvvc
reference_id GHSA-p497-37fc-xvvc
reference_type
scores
url https://github.com/advisories/GHSA-p497-37fc-xvvc
fixed_packages
0
url pkg:composer/moodle/moodle@2.6.7
purl pkg:composer/moodle/moodle@2.6.7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.7
1
url pkg:composer/moodle/moodle@2.7.4
purl pkg:composer/moodle/moodle@2.7.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.4
2
url pkg:composer/moodle/moodle@2.8.2
purl pkg:composer/moodle/moodle@2.8.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.2
aliases CVE-2015-0217, GHSA-p497-37fc-xvvc
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-95mq-m2jz-a3ab
3
url VCID-9z66-z9af-17f7
vulnerability_id VCID-9z66-z9af-17f7
summary 
Moodle allows attackers to bypass a messaging-disabled setting
message/externallib.php in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2.8.x before 2.8.2 allows remote authenticated users to bypass a messaging-disabled setting via a web-services request, as demonstrated by a people-search request.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48329
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48329
1
reference_url http://openwall.com/lists/oss-security/2015/01/19/1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://openwall.com/lists/oss-security/2015/01/19/1
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url https://github.com/moodle/moodle/commit/436bbf8975f0daef329c6483ec595dbf9b39ee56
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/436bbf8975f0daef329c6483ec595dbf9b39ee56
4
reference_url https://github.com/moodle/moodle/commit/5770e5147838aa06a3ecdff6fc3aebbbd17fff90
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/5770e5147838aa06a3ecdff6fc3aebbbd17fff90
5
reference_url https://github.com/moodle/moodle/commit/c4250ef4f23776ff4862d2860b6be2cf7b2d85f6
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/c4250ef4f23776ff4862d2860b6be2cf7b2d85f6
6
reference_url https://github.com/moodle/moodle/commits/v2.6.7#:~:text=MDL%2D48106%20mod_glossary%3A%20Add%20missing%20sesskey%20checks
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commits/v2.6.7#:~:text=MDL%2D48106%20mod_glossary%3A%20Add%20missing%20sesskey%20checks
7
reference_url https://moodle.org/mod/forum/discuss.php?d=278614
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=278614
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-0214
reference_id CVE-2015-0214
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-0214
9
reference_url https://github.com/advisories/GHSA-4jm2-c9jr-6prf
reference_id GHSA-4jm2-c9jr-6prf
reference_type
scores
url https://github.com/advisories/GHSA-4jm2-c9jr-6prf
fixed_packages
0
url pkg:composer/moodle/moodle@2.6.7
purl pkg:composer/moodle/moodle@2.6.7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.7
1
url pkg:composer/moodle/moodle@2.7.4
purl pkg:composer/moodle/moodle@2.7.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.4
2
url pkg:composer/moodle/moodle@2.8.2
purl pkg:composer/moodle/moodle@2.8.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.2
aliases CVE-2015-0214, GHSA-4jm2-c9jr-6prf
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9z66-z9af-17f7
4
url VCID-a3pu-x51u-1udr
vulnerability_id VCID-a3pu-x51u-1udr
summary 
Exposure of Sensitive Information to an Unauthorized Actor
calendar/externallib.php in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2.8.x before 2.8.2 allows remote authenticated users to obtain sensitive calendar-event information via a web-services request.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48017
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48017
1
reference_url http://openwall.com/lists/oss-security/2015/01/19/1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://openwall.com/lists/oss-security/2015/01/19/1
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url https://github.com/moodle/moodle/commit/5770e5147838aa06a3ecdff6fc3aebbbd17fff90
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/5770e5147838aa06a3ecdff6fc3aebbbd17fff90
4
reference_url https://github.com/moodle/moodle/commit/76aea854f6877cc5accb288bc6ac60bc55d30788
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/76aea854f6877cc5accb288bc6ac60bc55d30788
5
reference_url https://github.com/moodle/moodle/commit/c4250ef4f23776ff4862d2860b6be2cf7b2d85f6
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/c4250ef4f23776ff4862d2860b6be2cf7b2d85f6
6
reference_url https://github.com/moodle/moodle/commit/e83c756f84e16ab70e160e08deb84e9bc4bfbfea
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/e83c756f84e16ab70e160e08deb84e9bc4bfbfea
7
reference_url https://moodle.org/mod/forum/discuss.php?d=278615
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=278615
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-0215
reference_id CVE-2015-0215
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-0215
9
reference_url https://github.com/advisories/GHSA-fr9m-pjmm-qx9f
reference_id GHSA-fr9m-pjmm-qx9f
reference_type
scores
url https://github.com/advisories/GHSA-fr9m-pjmm-qx9f
fixed_packages
0
url pkg:composer/moodle/moodle@2.6.7
purl pkg:composer/moodle/moodle@2.6.7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.7
1
url pkg:composer/moodle/moodle@2.7.4
purl pkg:composer/moodle/moodle@2.7.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.4
2
url pkg:composer/moodle/moodle@2.8.2
purl pkg:composer/moodle/moodle@2.8.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.2
aliases CVE-2015-0215, GHSA-fr9m-pjmm-qx9f
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a3pu-x51u-1udr
5
url VCID-aqc8-tmeg-9fdd
vulnerability_id VCID-aqc8-tmeg-9fdd
summary 
Cross-Site Request Forgery (CSRF)
Multiple cross-site request forgery (CSRF) vulnerabilities in (1) editcategories.html and (2) editcategories.php in the Glossary module in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2.8.x before 2.8.2 allow remote attackers to hijack the authentication of unspecified victims.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48106
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48106
1
reference_url http://openwall.com/lists/oss-security/2015/01/19/1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://openwall.com/lists/oss-security/2015/01/19/1
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url https://github.com/moodle/moodle/commit/5770e5147838aa06a3ecdff6fc3aebbbd17fff90
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/5770e5147838aa06a3ecdff6fc3aebbbd17fff90
4
reference_url https://github.com/moodle/moodle/commit/c4250ef4f23776ff4862d2860b6be2cf7b2d85f6
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/c4250ef4f23776ff4862d2860b6be2cf7b2d85f6
5
reference_url https://github.com/moodle/moodle/commit/e83c756f84e16ab70e160e08deb84e9bc4bfbfea
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/e83c756f84e16ab70e160e08deb84e9bc4bfbfea
6
reference_url https://moodle.org/mod/forum/discuss.php?d=278613
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=278613
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-0213
reference_id CVE-2015-0213
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-0213
8
reference_url https://github.com/advisories/GHSA-hhq7-jf2p-hw9c
reference_id GHSA-hhq7-jf2p-hw9c
reference_type
scores
url https://github.com/advisories/GHSA-hhq7-jf2p-hw9c
fixed_packages
0
url pkg:composer/moodle/moodle@2.6.7
purl pkg:composer/moodle/moodle@2.6.7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.7
1
url pkg:composer/moodle/moodle@2.7.4
purl pkg:composer/moodle/moodle@2.7.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.4
2
url pkg:composer/moodle/moodle@2.8.2
purl pkg:composer/moodle/moodle@2.8.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.2
aliases CVE-2015-0213, GHSA-hhq7-jf2p-hw9c
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-aqc8-tmeg-9fdd
6
url VCID-y2vh-7r7h-9ugu
vulnerability_id VCID-y2vh-7r7h-9ugu
summary 
Exposure of Sensitive Information to an Unauthorized Actor
mod/lti/ajax.php in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2.8.x before 2.8.2 does not consider the moodle/course:manageactivities and mod/lti:addinstance capabilities before proceeding with registered-tool list searches, which allows remote authenticated users to obtain sensitive information via requests to the LTI Ajax service.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47920
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47920
1
reference_url http://openwall.com/lists/oss-security/2015/01/19/1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://openwall.com/lists/oss-security/2015/01/19/1
2
reference_url https://github.com/moodle/moodle
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle
3
reference_url https://github.com/moodle/moodle/commit/52555c36989b6704550ed0b3c6e832f5e7e150b7
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/52555c36989b6704550ed0b3c6e832f5e7e150b7
4
reference_url https://github.com/moodle/moodle/commit/da4c33f510aabc0d7443c29a7c097cfd54b6c4a4
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/da4c33f510aabc0d7443c29a7c097cfd54b6c4a4
5
reference_url https://github.com/moodle/moodle/commit/faf0cd9098517cd6274219b58f6f4a278d26455d
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/faf0cd9098517cd6274219b58f6f4a278d26455d
6
reference_url https://github.com/moodle/moodle/commit/fc6619d5c0bb297e6736880ff5353bb668048002
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moodle/moodle/commit/fc6619d5c0bb297e6736880ff5353bb668048002
7
reference_url https://moodle.org/mod/forum/discuss.php?d=278611
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=278611
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-0211
reference_id CVE-2015-0211
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-0211
9
reference_url https://github.com/advisories/GHSA-frhc-9hwc-x7j3
reference_id GHSA-frhc-9hwc-x7j3
reference_type
scores
url https://github.com/advisories/GHSA-frhc-9hwc-x7j3
fixed_packages
0
url pkg:composer/moodle/moodle@2.6.7
purl pkg:composer/moodle/moodle@2.6.7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.6.7
1
url pkg:composer/moodle/moodle@2.7.4
purl pkg:composer/moodle/moodle@2.7.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.4
2
url pkg:composer/moodle/moodle@2.8.2
purl pkg:composer/moodle/moodle@2.8.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.2
aliases CVE-2015-0211, GHSA-frhc-9hwc-x7j3
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y2vh-7r7h-9ugu
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.4