Описание
A flaw was found in Moodle before 3.7, 3.6.4, 3.5.6, 3.4.9 and 3.1.18. The size of users' private file uploads via email were not correctly checked, so their quota allowance could be exceeded.
Ссылки
- Issue TrackingThird Party Advisory
- PatchVendor Advisory
- Issue TrackingThird Party Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 3.1.0 (включая) до 3.1.17 (включая)Версия от 3.4.0 (включая) до 3.4.8 (включая)Версия от 3.5.0 (включая) до 3.5.5 (включая)Версия от 3.6.0 (включая) до 3.6.3 (включая)
Одно из
cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*
EPSS
Процентиль: 40%
0.00179
Низкий
4.2 Medium
CVSS3
3.7 Low
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-20
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 3.7
ubuntu
почти 6 лет назад
A flaw was found in Moodle before 3.7, 3.6.4, 3.5.6, 3.4.9 and 3.1.18. The size of users' private file uploads via email were not correctly checked, so their quota allowance could be exceeded.
CVSS3: 3.7
debian
почти 6 лет назад
A flaw was found in Moodle before 3.7, 3.6.4, 3.5.6, 3.4.9 and 3.1.18. ...
CVSS3: 4.2
github
около 3 лет назад
Moodle Private files uploaded via incoming mail processing could bypass quota restrictions
EPSS
Процентиль: 40%
0.00179
Низкий
4.2 Medium
CVSS3
3.7 Low
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-20
NVD-CWE-noinfo