CVE-2021-36395
Moodle vulnerable to Uncontrolled Resource Consumption in packagist/moodle/moodle
Identifiers
CVE-2021-36395, GHSA-273w-7fxj-pcp6
Package Slug
packagist/moodle/moodle
Vulnerability
Moodle vulnerable to Uncontrolled Resource Consumption
Description
In Moodle, the file repository's URL parsing required additional recursion handling to mitigate the risk of recursion denial of service.
Affected Versions
All versions before 3.9.8, all versions starting from 3.10.0 before 3.10.5, all versions starting from 3.11.0-beta before 3.11.1
Solution
Upgrade to versions 3.9.8, 3.10.5, 3.11.1 or above.
Last Modified
2023-03-08
| source |