Candidate: CVE-2019-10134
PublicDate: 2019-06-26 19:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10134
 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10134
 https://moodle.org/mod/forum/discuss.php?d=386524
Description:
 A flaw was found in Moodle before 3.7, 3.6.4, 3.5.6, 3.4.9 and 3.1.18. The
 size of users' private file uploads via email were not correctly checked,
 so their quota allowance could be exceeded.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N [3.7 LOW]
 nvd: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N [3.7 LOW]


Patches_moodle:
 upstream: http://git.moodle.org/gw?p=moodle.git;a=commitdiff;h=cbe5c5fed42a7c727039926779b142ae6bda0bcc
upstream_moodle: needs-triage
precise/esm_moodle: DNE
trusty_moodle: ignored (out of standard support)
trusty/esm_moodle: DNE
xenial_moodle: ignored (end of standard support, was needed)
bionic_moodle: needed
cosmic_moodle: ignored (reached end-of-life)
disco_moodle: ignored (reached end-of-life)
eoan_moodle: ignored (reached end-of-life)
focal_moodle: DNE
groovy_moodle: DNE
hirsute_moodle: DNE
impish_moodle: DNE
jammy_moodle: DNE
devel_moodle: DNE