Description

In Moodle, the file repository's URL parsing required additional recursion handling to mitigate the risk of recursion denial of service.

Remediation

References

CVE-2021-36395

Related Vulnerabilities

ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-9126)

WordPress Plugin Redirection Page Multiple Vulnerabilities (1.2)

WordPress Plugin Better User Shortcodes Multiple Cross-Site Scripting Vulnerabilities (1.0)

TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-4627)

PHP Resource Management Errors Vulnerability (CVE-2011-3267)

Severity

High

Classification

CVE-2021-36395 CWE-674 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities