CVE-2021-32476

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2021-32476

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-32476.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2021-32476

Aliases

Downstream

UBUNTU-CVE-2021-32476

Published

2022-03-11T18:15:17.153Z

Modified

2026-02-18T00:28:06.668605Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

A denial-of-service risk was identified in the draft files area, due to it not respecting user file upload limits. Moodle versions 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8, 3.5 to 3.5.17 and earlier unsupported versions are affected.

References

Affected packages

Git / github.com/moodle/moodle

Affected ranges

Type: GIT
Repo: https://github.com/moodle/moodle
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

22984eaeccf9ccd72572cc4cc51ae9372cefa06d

Introduced

500c131eb49771e36f68d151dfa37fef5a9bc2df

Fixed

270f52bf55acaf121cbae6643a8fa6545d545c3f

Introduced

ec58cefefb2722f61f77c9a2b6a12d40a8c078a0

Fixed

237f4ccada7c8ba85ac9391193293491d8953018

Introduced

f968cd44e8ee5d54b1bc56823040ff770dbf18af

Fixed

49648fdf30aae05b61604a12549436cee8c96436

Affected versions

v3.*

v3.10.0

v3.10.0-beta

v3.10.0-rc1

v3.10.0-rc2

v3.10.1

v3.10.2

v3.10.3

v3.8.0

v3.8.1

v3.8.2

v3.8.3

v3.8.4

v3.8.5

v3.8.6

v3.8.7

v3.8.8

v3.9.0

v3.9.1

v3.9.2

v3.9.3

v3.9.4

v3.9.5

v3.9.6

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-32476.json"