Moodle: Uncontrolled Recursion (CVE-2021-36395)

Moodle: Uncontrolled Recursion (CVE-2021-36395)

Severity

8

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:C)

Published

03/06/2023

Created

03/15/2023

Added

03/15/2023

Modified

01/30/2025

Description

In Moodle, the file repository's URL parsing required additional recursion handling to mitigate the risk of recursion denial of service.

Solution(s)

• moodle-upgrade-3_10_5
• moodle-upgrade-3_11_1
• moodle-upgrade-3_9_8

References

• https://attackerkb.com/topics/cve-2021-36395
• CVE - 2021-36395
• https://moodle.org/mod/forum/discuss.php?d=424801