CVE-2025-3625

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-3625

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-3625.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-3625

Downstream

UBUNTU-CVE-2025-3625

Published

2025-04-25T15:15:36Z

Modified

2025-07-29T11:22:52.263857Z

Summary

[none]

Details

A security vulnerability was discovered in Moodle that can allow hackers to gain access to sensitive information about students and prevent them from logging into their accounts, even after they had completed two-factor authentication (2FA).

References

https://access.redhat.com/security/cve/CVE-2025-3625
https://bugzilla.redhat.com/show_bug.cgi?id=2359690

Affected packages

Git / github.com/moodle/moodle

Affected ranges

Type: GIT
Repo: https://github.com/moodle/moodle
Events: Introduced

fe7aff8093240cc373f1ddaa66ecb91c4bc0a09f

Fixed

73fc31dabf4feb33ef02167bd98063a3ceef89bb

Affected versions

v4.*

v4.3.0

v4.3.1

v4.3.10

v4.3.11

v4.3.2

v4.3.3

v4.3.4

v4.3.5

v4.3.6

v4.3.7

v4.3.8

v4.3.9