Moodle · Moodle · CVE-2020-25630
**Name of the Vulnerable Software and Affected Versions**
Moodle versions 3.5 to 3.5.13
Moodle versions 3.7 to 3.7.7
Moodle versions 3.8 to 3.8.4
Moodle versions 3.9 to 3.9.1
**Description**
A vulnerability was found in Moodle where the decompressed size of zip files was not checked against available user quota before unzipping them, which could lead to a denial of service risk.
**Recommendations**
For versions 3.5 to 3.5.13, update to version 3.5.14 to resolve the issue.
For versions 3.7 to 3.7.7, update to version 3.7.8 to resolve the issue.
For versions 3.8 to 3.8.4, update to version 3.8.5 to resolve the issue.
For versions 3.9 to 3.9.1, update to version 3.9.2 to resolve the issue.