{"url":"http://public2.vulnerablecode.io/api/packages/57252?format=json","purl":"pkg:composer/moodle/moodle@3.5.6","type":"composer","namespace":"moodle","name":"moodle","version":"3.5.6","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"3.5.12","latest_non_vulnerable_version":"5.1.2","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/13755?format=json","vulnerability_id":"VCID-3r3j-bqzm-5ufz","summary":"Improper Access Control\nA web service fetching messages was not restricted to the current user's conversations.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10154","reference_id":"","reference_type":"","scores":[{"value":"0.00236","scoring_system":"epss","scoring_elements":"0.4671","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10154"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10154","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10154"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/2904a7f851da8e66be12f41d55068bf07817fbd6","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/2904a7f851da8e66be12f41d55068bf07817fbd6"},{"reference_url":"https://github.com/moodle/moodle/commit/a3d19efab4aff83c07db9f0ad34c8f0e1f29c64c","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/a3d19efab4aff83c07db9f0ad34c8f0e1f29c64c"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=386521","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://moodle.org/mod/forum/discuss.php?d=386521"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10154","reference_id":"CVE-2019-10154","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10154"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/57253?format=json","purl":"pkg:composer/moodle/moodle@3.6.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-d2au-r7m3-cyc8"},{"vulnerability":"VCID-k249-a5wk-2fcs"},{"vulnerability":"VCID-kys8-9mu7-w7dn"},{"vulnerability":"VCID-s8ph-ghzm-q7c5"},{"vulnerability":"VCID-x3gw-ztjq-ebbu"},{"vulnerability":"VCID-y219-hufv-tkds"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.4"}],"aliases":["CVE-2019-10154","GHSA-ww45-x87c-wgff"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3r3j-bqzm-5ufz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/136434?format=json","vulnerability_id":"VCID-d2au-r7m3-cyc8","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10189","reference_id":"","reference_type":"","scores":[{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36039","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10189"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10189","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10189"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=388570","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://moodle.org/mod/forum/discuss.php?d=388570"},{"reference_url":"http://www.securityfocus.com/bid/109271","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/109271"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10189","reference_id":"CVE-2019-10189","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10189"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/142887?format=json","purl":"pkg:composer/moodle/moodle@3.5.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kys8-9mu7-w7dn"},{"vulnerability":"VCID-x3gw-ztjq-ebbu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.7"},{"url":"http://public2.vulnerablecode.io/api/packages/142888?format=json","purl":"pkg:composer/moodle/moodle@3.6.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kys8-9mu7-w7dn"},{"vulnerability":"VCID-x3gw-ztjq-ebbu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.5"},{"url":"http://public2.vulnerablecode.io/api/packages/142889?format=json","purl":"pkg:composer/moodle/moodle@3.7.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kys8-9mu7-w7dn"},{"vulnerability":"VCID-x3gw-ztjq-ebbu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.7.1"}],"aliases":["CVE-2019-10189","GHSA-h7xp-7fjp-ghhc"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d2au-r7m3-cyc8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/136431?format=json","vulnerability_id":"VCID-k249-a5wk-2fcs","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10186","reference_id":"","reference_type":"","scores":[{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.59172","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10186"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10186","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10186"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/ea1ac3c7efbddbdb210ea4c75e7156c7d7ee914b","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/ea1ac3c7efbddbdb210ea4c75e7156c7d7ee914b"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=388567#p1566329","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://moodle.org/mod/forum/discuss.php?d=388567#p1566329"},{"reference_url":"https://web.archive.org/web/20210125055044/https://www.securityfocus.com/bid/109175","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20210125055044/https://www.securityfocus.com/bid/109175"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10186","reference_id":"CVE-2019-10186","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10186"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/142887?format=json","purl":"pkg:composer/moodle/moodle@3.5.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kys8-9mu7-w7dn"},{"vulnerability":"VCID-x3gw-ztjq-ebbu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.7"},{"url":"http://public2.vulnerablecode.io/api/packages/142888?format=json","purl":"pkg:composer/moodle/moodle@3.6.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kys8-9mu7-w7dn"},{"vulnerability":"VCID-x3gw-ztjq-ebbu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.5"},{"url":"http://public2.vulnerablecode.io/api/packages/142889?format=json","purl":"pkg:composer/moodle/moodle@3.7.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kys8-9mu7-w7dn"},{"vulnerability":"VCID-x3gw-ztjq-ebbu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.7.1"}],"aliases":["CVE-2019-10186","GHSA-wv9c-pfpm-4wc5"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k249-a5wk-2fcs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/141705?format=json","vulnerability_id":"VCID-kys8-9mu7-w7dn","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18210","reference_id":"","reference_type":"","scores":[{"value":"0.0044","scoring_system":"epss","scoring_elements":"0.63451","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18210"},{"reference_url":"https://docs.moodle.org/38/en/Teacher_role","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://docs.moodle.org/38/en/Teacher_role"},{"reference_url":"https://gist.github.com/Danbardo/4a6b0fe8cb21ec6d7c54e6ac951bdb0a","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://gist.github.com/Danbardo/4a6b0fe8cb21ec6d7c54e6ac951bdb0a"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-18210","reference_id":"CVE-2019-18210","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-18210"},{"reference_url":"https://github.com/advisories/GHSA-q6vw-27c6-jv9c","reference_id":"GHSA-q6vw-27c6-jv9c","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-q6vw-27c6-jv9c"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/154941?format=json","purl":"pkg:composer/moodle/moodle@3.7.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19gu-j1d4-4uab"},{"vulnerability":"VCID-gx6x-ebpv-k7er"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.7.3"}],"aliases":["CVE-2019-18210","GHSA-q6vw-27c6-jv9c"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kys8-9mu7-w7dn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/136432?format=json","vulnerability_id":"VCID-s8ph-ghzm-q7c5","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10187","reference_id":"","reference_type":"","scores":[{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36039","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10187"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10187","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10187"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=388568#p1566330","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://moodle.org/mod/forum/discuss.php?d=388568#p1566330"},{"reference_url":"http://www.securityfocus.com/bid/109174","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/109174"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10187","reference_id":"CVE-2019-10187","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10187"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/142887?format=json","purl":"pkg:composer/moodle/moodle@3.5.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kys8-9mu7-w7dn"},{"vulnerability":"VCID-x3gw-ztjq-ebbu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.7"},{"url":"http://public2.vulnerablecode.io/api/packages/142888?format=json","purl":"pkg:composer/moodle/moodle@3.6.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kys8-9mu7-w7dn"},{"vulnerability":"VCID-x3gw-ztjq-ebbu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.5"},{"url":"http://public2.vulnerablecode.io/api/packages/142889?format=json","purl":"pkg:composer/moodle/moodle@3.7.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kys8-9mu7-w7dn"},{"vulnerability":"VCID-x3gw-ztjq-ebbu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.7.1"}],"aliases":["CVE-2019-10187","GHSA-2mg9-hv69-897x"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s8ph-ghzm-q7c5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/157258?format=json","vulnerability_id":"VCID-x3gw-ztjq-ebbu","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1692","reference_id":"","reference_type":"","scores":[{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36564","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1692"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1692","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1692"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1692","reference_id":"CVE-2020-1692","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1692"},{"reference_url":"https://github.com/advisories/GHSA-9328-7pcw-vw69","reference_id":"GHSA-9328-7pcw-vw69","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-9328-7pcw-vw69"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/76250?format=json","purl":"pkg:composer/moodle/moodle@3.7.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kys8-9mu7-w7dn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.7.2"}],"aliases":["CVE-2020-1692","GHSA-9328-7pcw-vw69"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x3gw-ztjq-ebbu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/136433?format=json","vulnerability_id":"VCID-y219-hufv-tkds","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10188","reference_id":"","reference_type":"","scores":[{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36039","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10188"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10188","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10188"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=388569","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://moodle.org/mod/forum/discuss.php?d=388569"},{"reference_url":"http://www.securityfocus.com/bid/109178","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/109178"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10188","reference_id":"CVE-2019-10188","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10188"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/142887?format=json","purl":"pkg:composer/moodle/moodle@3.5.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kys8-9mu7-w7dn"},{"vulnerability":"VCID-x3gw-ztjq-ebbu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.7"},{"url":"http://public2.vulnerablecode.io/api/packages/142888?format=json","purl":"pkg:composer/moodle/moodle@3.6.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kys8-9mu7-w7dn"},{"vulnerability":"VCID-x3gw-ztjq-ebbu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.5"},{"url":"http://public2.vulnerablecode.io/api/packages/142889?format=json","purl":"pkg:composer/moodle/moodle@3.7.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kys8-9mu7-w7dn"},{"vulnerability":"VCID-x3gw-ztjq-ebbu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.7.1"}],"aliases":["CVE-2019-10188","GHSA-92q5-2h76-vgmj"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y219-hufv-tkds"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/13756?format=json","vulnerability_id":"VCID-qfmd-5exc-c3f3","summary":"Improper Input Validation\nThe size of users' private file uploads via email were not correctly checked, so their quota allowance could be exceeded.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10134","reference_id":"","reference_type":"","scores":[{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39154","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10134"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10134","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10134"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=386524","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://moodle.org/mod/forum/discuss.php?d=386524"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10134","reference_id":"CVE-2019-10134","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10134"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/57250?format=json","purl":"pkg:composer/moodle/moodle@3.1.18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3r3j-bqzm-5ufz"},{"vulnerability":"VCID-d2au-r7m3-cyc8"},{"vulnerability":"VCID-k249-a5wk-2fcs"},{"vulnerability":"VCID-kys8-9mu7-w7dn"},{"vulnerability":"VCID-s8ph-ghzm-q7c5"},{"vulnerability":"VCID-x3gw-ztjq-ebbu"},{"vulnerability":"VCID-y219-hufv-tkds"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.18"},{"url":"http://public2.vulnerablecode.io/api/packages/57251?format=json","purl":"pkg:composer/moodle/moodle@3.4.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3r3j-bqzm-5ufz"},{"vulnerability":"VCID-d2au-r7m3-cyc8"},{"vulnerability":"VCID-k249-a5wk-2fcs"},{"vulnerability":"VCID-kys8-9mu7-w7dn"},{"vulnerability":"VCID-s8ph-ghzm-q7c5"},{"vulnerability":"VCID-x3gw-ztjq-ebbu"},{"vulnerability":"VCID-y219-hufv-tkds"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.9"},{"url":"http://public2.vulnerablecode.io/api/packages/57252?format=json","purl":"pkg:composer/moodle/moodle@3.5.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3r3j-bqzm-5ufz"},{"vulnerability":"VCID-d2au-r7m3-cyc8"},{"vulnerability":"VCID-k249-a5wk-2fcs"},{"vulnerability":"VCID-kys8-9mu7-w7dn"},{"vulnerability":"VCID-s8ph-ghzm-q7c5"},{"vulnerability":"VCID-x3gw-ztjq-ebbu"},{"vulnerability":"VCID-y219-hufv-tkds"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.6"},{"url":"http://public2.vulnerablecode.io/api/packages/57253?format=json","purl":"pkg:composer/moodle/moodle@3.6.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-d2au-r7m3-cyc8"},{"vulnerability":"VCID-k249-a5wk-2fcs"},{"vulnerability":"VCID-kys8-9mu7-w7dn"},{"vulnerability":"VCID-s8ph-ghzm-q7c5"},{"vulnerability":"VCID-x3gw-ztjq-ebbu"},{"vulnerability":"VCID-y219-hufv-tkds"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.4"}],"aliases":["CVE-2019-10134","GHSA-j8wr-7xxj-c2fr"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qfmd-5exc-c3f3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/13753?format=json","vulnerability_id":"VCID-x2e5-m5rs-7qfr","summary":"URL Redirection to Untrusted Site (Open Redirect)\nThe form to upload cohorts contained a redirect field, which was not restricted to internal URLs.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10133","reference_id":"","reference_type":"","scores":[{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35758","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10133"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10133","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10133"},{"reference_url":"https://github.com/moodle/moodle","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle"},{"reference_url":"https://github.com/moodle/moodle/commit/5a89ac9640b3a695720845b6ddeff65e69a289fc","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/5a89ac9640b3a695720845b6ddeff65e69a289fc"},{"reference_url":"https://github.com/moodle/moodle/commit/a6258d0934f707b1d033f50fb41ffbcf45bb2102","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/a6258d0934f707b1d033f50fb41ffbcf45bb2102"},{"reference_url":"https://github.com/moodle/moodle/commit/c509d108216524887c7ca08b1c451054d669ea75","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/c509d108216524887c7ca08b1c451054d669ea75"},{"reference_url":"https://github.com/moodle/moodle/commit/cd6fb4322b6b1914c05f05033a71ed060f875fd4","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/cd6fb4322b6b1914c05f05033a71ed060f875fd4"},{"reference_url":"https://github.com/moodle/moodle/commit/d5067bffd230d733ad24f6aeaa56aaa17eca5bfb","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moodle/moodle/commit/d5067bffd230d733ad24f6aeaa56aaa17eca5bfb"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=386523","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://moodle.org/mod/forum/discuss.php?d=386523"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10133","reference_id":"CVE-2019-10133","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10133"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/57250?format=json","purl":"pkg:composer/moodle/moodle@3.1.18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3r3j-bqzm-5ufz"},{"vulnerability":"VCID-d2au-r7m3-cyc8"},{"vulnerability":"VCID-k249-a5wk-2fcs"},{"vulnerability":"VCID-kys8-9mu7-w7dn"},{"vulnerability":"VCID-s8ph-ghzm-q7c5"},{"vulnerability":"VCID-x3gw-ztjq-ebbu"},{"vulnerability":"VCID-y219-hufv-tkds"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.1.18"},{"url":"http://public2.vulnerablecode.io/api/packages/57251?format=json","purl":"pkg:composer/moodle/moodle@3.4.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3r3j-bqzm-5ufz"},{"vulnerability":"VCID-d2au-r7m3-cyc8"},{"vulnerability":"VCID-k249-a5wk-2fcs"},{"vulnerability":"VCID-kys8-9mu7-w7dn"},{"vulnerability":"VCID-s8ph-ghzm-q7c5"},{"vulnerability":"VCID-x3gw-ztjq-ebbu"},{"vulnerability":"VCID-y219-hufv-tkds"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.4.9"},{"url":"http://public2.vulnerablecode.io/api/packages/57252?format=json","purl":"pkg:composer/moodle/moodle@3.5.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3r3j-bqzm-5ufz"},{"vulnerability":"VCID-d2au-r7m3-cyc8"},{"vulnerability":"VCID-k249-a5wk-2fcs"},{"vulnerability":"VCID-kys8-9mu7-w7dn"},{"vulnerability":"VCID-s8ph-ghzm-q7c5"},{"vulnerability":"VCID-x3gw-ztjq-ebbu"},{"vulnerability":"VCID-y219-hufv-tkds"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.6"},{"url":"http://public2.vulnerablecode.io/api/packages/57253?format=json","purl":"pkg:composer/moodle/moodle@3.6.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-d2au-r7m3-cyc8"},{"vulnerability":"VCID-k249-a5wk-2fcs"},{"vulnerability":"VCID-kys8-9mu7-w7dn"},{"vulnerability":"VCID-s8ph-ghzm-q7c5"},{"vulnerability":"VCID-x3gw-ztjq-ebbu"},{"vulnerability":"VCID-y219-hufv-tkds"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.6.4"}],"aliases":["CVE-2019-10133","GHSA-5xp2-rv4h-mm2q"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x2e5-m5rs-7qfr"}],"risk_score":"3.1","resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@3.5.6"}