{"url":"http://public2.vulnerablecode.io/api/packages/62293?format=json","purl":"pkg:composer/moodle/moodle@2.7.10","type":"composer","namespace":"moodle","name":"moodle","version":"2.7.10","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"2.7.19","latest_non_vulnerable_version":"5.1.2","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43619?format=json","vulnerability_id":"VCID-1z6j-fs6f-eua1","summary":"Moodle allows attackers to obtain manager privileges\nThe enrol_meta_sync function in enrol/meta/locallib.php in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x before 2.8.8, and 2.9.x before 2.9.2 allows remote authenticated users to obtain manager privileges in opportunistic circumstances by leveraging incorrect role processing during a long-running sync script.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50744","reference_id":"","reference_type":"","scores":[],"url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50744"},{"reference_url":"https://github.com/moodle/moodle/commit/936facab28d8d8bd03f38da42cb80fafba1a06db","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/moodle/moodle/commit/936facab28d8d8bd03f38da42cb80fafba1a06db"},{"reference_url":"https://github.com/moodle/moodle/commit/ab006d43e48add8e5495141d4d750c1531772ca2","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/moodle/moodle/commit/ab006d43e48add8e5495141d4d750c1531772ca2"},{"reference_url":"https://github.com/moodle/moodle/commit/dff6cdc88355f22ebaaf8f00c44a1ad51d272344","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/moodle/moodle/commit/dff6cdc88355f22ebaaf8f00c44a1ad51d272344"},{"reference_url":"https://github.com/moodle/moodle/commit/f7fbc80766b72ed1c9915698edd443ee8f6eafbd","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/moodle/moodle/commit/f7fbc80766b72ed1c9915698edd443ee8f6eafbd"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=320290","reference_id":"","reference_type":"","scores":[],"url":"https://moodle.org/mod/forum/discuss.php?d=320290"},{"reference_url":"https://web.archive.org/web/20160323063809/http://www.securitytracker.com/id/1033619","reference_id":"","reference_type":"","scores":[],"url":"https://web.archive.org/web/20160323063809/http://www.securitytracker.com/id/1033619"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/09/21/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2015/09/21/1"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-5266","reference_id":"CVE-2015-5266","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-5266"},{"reference_url":"https://github.com/advisories/GHSA-454r-4cjv-vc9h","reference_id":"GHSA-454r-4cjv-vc9h","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-454r-4cjv-vc9h"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/62293?format=json","purl":"pkg:composer/moodle/moodle@2.7.10","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.10"},{"url":"http://public2.vulnerablecode.io/api/packages/62294?format=json","purl":"pkg:composer/moodle/moodle@2.8.8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.8"},{"url":"http://public2.vulnerablecode.io/api/packages/62295?format=json","purl":"pkg:composer/moodle/moodle@2.9.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.2"}],"aliases":["CVE-2015-5266","GHSA-454r-4cjv-vc9h"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1z6j-fs6f-eua1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43707?format=json","vulnerability_id":"VCID-evke-m8nn-6ua3","summary":"Moodle allows attackers to enter additional answer attempts\nThe lesson module in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x before 2.8.8, and 2.9.x before 2.9.2 allows remote authenticated users to bypass intended access restrictions and enter additional answer attempts by leveraging the student role.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50516","reference_id":"","reference_type":"","scores":[],"url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50516"},{"reference_url":"https://github.com/moodle/moodle/commit/3071f085918dfeabb154596362dab2648ec6ad84","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/moodle/moodle/commit/3071f085918dfeabb154596362dab2648ec6ad84"},{"reference_url":"https://github.com/moodle/moodle/commit/343ed5b929ff8a68efe076505cd3e52d951f7869","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/moodle/moodle/commit/343ed5b929ff8a68efe076505cd3e52d951f7869"},{"reference_url":"https://github.com/moodle/moodle/commit/39b50f7d3eea43266a3d0c09590e48624e69a091","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/moodle/moodle/commit/39b50f7d3eea43266a3d0c09590e48624e69a091"},{"reference_url":"https://github.com/moodle/moodle/commit/67e3f70bb11382fc0f1eaf1a160c349269e370cc","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/moodle/moodle/commit/67e3f70bb11382fc0f1eaf1a160c349269e370cc"},{"reference_url":"https://github.com/moodle/moodle/commit/9d5b339126586eddeced463c81295146e231a3c4","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/moodle/moodle/commit/9d5b339126586eddeced463c81295146e231a3c4"},{"reference_url":"https://github.com/moodle/moodle/commit/9fd13426926fd882d3f024cb7171802ef2b3814d","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/moodle/moodle/commit/9fd13426926fd882d3f024cb7171802ef2b3814d"},{"reference_url":"https://github.com/moodle/moodle/commit/ca74203efd51be6467091d9af762a31a7cad5840","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/moodle/moodle/commit/ca74203efd51be6467091d9af762a31a7cad5840"},{"reference_url":"https://github.com/moodle/moodle/commit/cd3a6a78b67abf5c9eb355ddc7899b1b2a9b20ac","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/moodle/moodle/commit/cd3a6a78b67abf5c9eb355ddc7899b1b2a9b20ac"},{"reference_url":"https://github.com/moodle/moodle/commit/e7288eaabe77e04157f702b20fd0a7e9ce7067ca","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/moodle/moodle/commit/e7288eaabe77e04157f702b20fd0a7e9ce7067ca"},{"reference_url":"https://github.com/moodle/moodle/commit/f9cc721dfd761ee34209cf58838079b9b550b356","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/moodle/moodle/commit/f9cc721dfd761ee34209cf58838079b9b550b356"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=320287","reference_id":"","reference_type":"","scores":[],"url":"https://moodle.org/mod/forum/discuss.php?d=320287"},{"reference_url":"https://web.archive.org/web/20160323063809/http://www.securitytracker.com/id/1033619","reference_id":"","reference_type":"","scores":[],"url":"https://web.archive.org/web/20160323063809/http://www.securitytracker.com/id/1033619"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/09/21/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2015/09/21/1"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-5264","reference_id":"CVE-2015-5264","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-5264"},{"reference_url":"https://github.com/advisories/GHSA-mm9q-3847-m48x","reference_id":"GHSA-mm9q-3847-m48x","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-mm9q-3847-m48x"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/62293?format=json","purl":"pkg:composer/moodle/moodle@2.7.10","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.10"},{"url":"http://public2.vulnerablecode.io/api/packages/62294?format=json","purl":"pkg:composer/moodle/moodle@2.8.8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.8"},{"url":"http://public2.vulnerablecode.io/api/packages/62295?format=json","purl":"pkg:composer/moodle/moodle@2.9.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.2"}],"aliases":["CVE-2015-5264","GHSA-mm9q-3847-m48x"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-evke-m8nn-6ua3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43637?format=json","vulnerability_id":"VCID-fpuj-f6nx-n7a9","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nCross-site scripting (XSS) vulnerability in group/overview.php in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x before 2.8.8, and 2.9.x before 2.9.2 allows remote authenticated users to inject arbitrary web script or HTML via a modified grouping description.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50709","reference_id":"","reference_type":"","scores":[],"url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50709"},{"reference_url":"https://github.com/moodle/moodle/commit/45f3b5302d645ba13ca8b68b0106a638ebd21980","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/moodle/moodle/commit/45f3b5302d645ba13ca8b68b0106a638ebd21980"},{"reference_url":"https://github.com/moodle/moodle/commit/a44fed5c804b52e82c334c37dcc1c12b77f97af8","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/moodle/moodle/commit/a44fed5c804b52e82c334c37dcc1c12b77f97af8"},{"reference_url":"https://github.com/moodle/moodle/commit/ae6b18a9343083c1ab62d6eb535a7112bd7a3a50","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/moodle/moodle/commit/ae6b18a9343083c1ab62d6eb535a7112bd7a3a50"},{"reference_url":"https://github.com/moodle/moodle/commit/fa5a3cdedcd92bd96881fa89a6ff5efd80bd3512","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/moodle/moodle/commit/fa5a3cdedcd92bd96881fa89a6ff5efd80bd3512"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=320293","reference_id":"","reference_type":"","scores":[],"url":"https://moodle.org/mod/forum/discuss.php?d=320293"},{"reference_url":"https://web.archive.org/web/20160323063809/http://www.securitytracker.com/id/1033619","reference_id":"","reference_type":"","scores":[],"url":"https://web.archive.org/web/20160323063809/http://www.securitytracker.com/id/1033619"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/09/21/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2015/09/21/1"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-5269","reference_id":"CVE-2015-5269","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-5269"},{"reference_url":"https://github.com/advisories/GHSA-5729-822w-j342","reference_id":"GHSA-5729-822w-j342","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-5729-822w-j342"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/62293?format=json","purl":"pkg:composer/moodle/moodle@2.7.10","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.10"},{"url":"http://public2.vulnerablecode.io/api/packages/62294?format=json","purl":"pkg:composer/moodle/moodle@2.8.8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.8"},{"url":"http://public2.vulnerablecode.io/api/packages/62295?format=json","purl":"pkg:composer/moodle/moodle@2.9.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.2"}],"aliases":["CVE-2015-5269","GHSA-5729-822w-j342"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fpuj-f6nx-n7a9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43441?format=json","vulnerability_id":"VCID-jc19-ee46-4uh3","summary":"Exposure of Sensitive Information to an Unauthorized Actor\nlib/moodlelib.php in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x before 2.8.8, and 2.9.x before 2.9.2 relies on the PHP mt_rand function to implement the random_string and complex_random_string functions, which makes it easier for remote attackers to predict password-recovery tokens via a brute-force approach.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50860","reference_id":"","reference_type":"","scores":[],"url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50860"},{"reference_url":"https://github.com/moodle/moodle/commit/289bc7f9e3022918b4cfd2cc9851472f0cea2896","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/moodle/moodle/commit/289bc7f9e3022918b4cfd2cc9851472f0cea2896"},{"reference_url":"https://github.com/moodle/moodle/commit/5337b2295237958c93b6c65fa595859aaa7bf257","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/moodle/moodle/commit/5337b2295237958c93b6c65fa595859aaa7bf257"},{"reference_url":"https://github.com/moodle/moodle/commit/6e8224365ffcdf328458ea7852dc62574e806119","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/moodle/moodle/commit/6e8224365ffcdf328458ea7852dc62574e806119"},{"reference_url":"https://github.com/moodle/moodle/commit/e4ac3879c2d1f8fe66caa74ff1544248bccef61e","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/moodle/moodle/commit/e4ac3879c2d1f8fe66caa74ff1544248bccef61e"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=320291","reference_id":"","reference_type":"","scores":[],"url":"https://moodle.org/mod/forum/discuss.php?d=320291"},{"reference_url":"https://web.archive.org/web/20160323063809/http://www.securitytracker.com/id/1033619","reference_id":"","reference_type":"","scores":[],"url":"https://web.archive.org/web/20160323063809/http://www.securitytracker.com/id/1033619"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/09/21/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2015/09/21/1"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-5267","reference_id":"CVE-2015-5267","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-5267"},{"reference_url":"https://github.com/advisories/GHSA-382v-gxj9-ffhc","reference_id":"GHSA-382v-gxj9-ffhc","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-382v-gxj9-ffhc"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/62293?format=json","purl":"pkg:composer/moodle/moodle@2.7.10","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.10"},{"url":"http://public2.vulnerablecode.io/api/packages/62294?format=json","purl":"pkg:composer/moodle/moodle@2.8.8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.8"},{"url":"http://public2.vulnerablecode.io/api/packages/62295?format=json","purl":"pkg:composer/moodle/moodle@2.9.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.2"}],"aliases":["CVE-2015-5267","GHSA-382v-gxj9-ffhc"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jc19-ee46-4uh3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43478?format=json","vulnerability_id":"VCID-wg45-hemm-97am","summary":"Exposure of Sensitive Information to an Unauthorized Actor\nThe rating component in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x before 2.8.8, and 2.9.x before 2.9.2 mishandles group-based authorization checks, which allows remote authenticated users to obtain sensitive information by reading a rating value.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50173","reference_id":"","reference_type":"","scores":[],"url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50173"},{"reference_url":"https://github.com/moodle/moodle/commit/20ff15e22b4f0abebe1ab5fbfd1d681c88765e2a","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/moodle/moodle/commit/20ff15e22b4f0abebe1ab5fbfd1d681c88765e2a"},{"reference_url":"https://github.com/moodle/moodle/commit/4015226623111438158fa762b7ce61f6cf677665","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/moodle/moodle/commit/4015226623111438158fa762b7ce61f6cf677665"},{"reference_url":"https://github.com/moodle/moodle/commit/731c2712e746053b1ca06b50118632305b447e02","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/moodle/moodle/commit/731c2712e746053b1ca06b50118632305b447e02"},{"reference_url":"https://github.com/moodle/moodle/commit/fa57105063129eed83bf09d83348681501ff5b64","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/moodle/moodle/commit/fa57105063129eed83bf09d83348681501ff5b64"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=320292","reference_id":"","reference_type":"","scores":[],"url":"https://moodle.org/mod/forum/discuss.php?d=320292"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/09/21/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2015/09/21/1"},{"reference_url":"http://www.securitytracker.com/id/1033619","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1033619"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-5268","reference_id":"CVE-2015-5268","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-5268"},{"reference_url":"https://github.com/advisories/GHSA-h34c-px28-rjgw","reference_id":"GHSA-h34c-px28-rjgw","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-h34c-px28-rjgw"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/62293?format=json","purl":"pkg:composer/moodle/moodle@2.7.10","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.10"},{"url":"http://public2.vulnerablecode.io/api/packages/62294?format=json","purl":"pkg:composer/moodle/moodle@2.8.8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.8"},{"url":"http://public2.vulnerablecode.io/api/packages/62295?format=json","purl":"pkg:composer/moodle/moodle@2.9.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.2"}],"aliases":["CVE-2015-5268","GHSA-h34c-px28-rjgw"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wg45-hemm-97am"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43769?format=json","vulnerability_id":"VCID-xy2y-yxfu-xfgm","summary":"Moodle allows attackers to delete files\nThe wiki component in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x before 2.8.8, and 2.9.x before 2.9.2 does not consider the mod/wiki:managefiles capability before authorizing file management, which allows remote authenticated users to delete arbitrary files by using a manage-files button in a text editor.","references":[{"reference_url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48371","reference_id":"","reference_type":"","scores":[],"url":"http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48371"},{"reference_url":"https://github.com/moodle/moodle/commit/037e05e8b266bff4835f0d2eea33ef86fb71d585","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/moodle/moodle/commit/037e05e8b266bff4835f0d2eea33ef86fb71d585"},{"reference_url":"https://github.com/moodle/moodle/commit/1d70050f33edb79b974de2509f18c943969589ea","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/moodle/moodle/commit/1d70050f33edb79b974de2509f18c943969589ea"},{"reference_url":"https://github.com/moodle/moodle/commit/40a154551fcdf0b9ea906f4d1313df29754f1fa1","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/moodle/moodle/commit/40a154551fcdf0b9ea906f4d1313df29754f1fa1"},{"reference_url":"https://github.com/moodle/moodle/commit/78de2e86e8506222cf49b1cc6dc58467750ae83d","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/moodle/moodle/commit/78de2e86e8506222cf49b1cc6dc58467750ae83d"},{"reference_url":"https://moodle.org/mod/forum/discuss.php?d=320289","reference_id":"","reference_type":"","scores":[],"url":"https://moodle.org/mod/forum/discuss.php?d=320289"},{"reference_url":"https://web.archive.org/web/20160323063809/http://www.securitytracker.com/id/1033619","reference_id":"","reference_type":"","scores":[],"url":"https://web.archive.org/web/20160323063809/http://www.securitytracker.com/id/1033619"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/09/21/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2015/09/21/1"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-5265","reference_id":"CVE-2015-5265","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-5265"},{"reference_url":"https://github.com/advisories/GHSA-44xp-wj24-9xxj","reference_id":"GHSA-44xp-wj24-9xxj","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-44xp-wj24-9xxj"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/62293?format=json","purl":"pkg:composer/moodle/moodle@2.7.10","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.10"},{"url":"http://public2.vulnerablecode.io/api/packages/62294?format=json","purl":"pkg:composer/moodle/moodle@2.8.8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.8.8"},{"url":"http://public2.vulnerablecode.io/api/packages/62295?format=json","purl":"pkg:composer/moodle/moodle@2.9.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.9.2"}],"aliases":["CVE-2015-5265","GHSA-44xp-wj24-9xxj"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xy2y-yxfu-xfgm"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/moodle/moodle@2.7.10"}