CVE-2021-32476

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-32476

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-32476.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2021-32476

Aliases

Related

UBUNTU-CVE-2021-32476

Published

2022-03-11T18:15:17Z

Modified

2024-10-12T07:35:11.517243Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

A denial-of-service risk was identified in the draft files area, due to it not respecting user file upload limits. Moodle versions 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8, 3.5 to 3.5.17 and earlier unsupported versions are affected.

References

https://moodle.org/mod/forum/discuss.php?d=422310

Affected packages

Git / github.com/moodle/moodle

Affected ranges

Type: GIT
Repo: https://github.com/moodle/moodle
Events: Introduced

f968cd44e8ee5d54b1bc56823040ff770dbf18af

Fixed

49648fdf30aae05b61604a12549436cee8c96436

Affected versions

v3.*

v3.8.0

v3.8.1

v3.8.2

v3.8.3

v3.8.4

v3.8.5

v3.8.6

v3.8.7

v3.8.8