CVE-2019-10134

low

Description

A flaw was found in Moodle before 3.7, 3.6.4, 3.5.6, 3.4.9 and 3.1.18. The size of users' private file uploads via email were not correctly checked, so their quota allowance could be exceeded.

References

https://moodle.org/mod/forum/discuss.php?d=386524

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10134

Details

Source: Mitre, NVD

Published: 2019-06-26

Updated: 2021-10-28

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 3.7

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Severity: Low

EPSS

EPSS: 0.00179

Detections

Analytics