CVE-2025-3634

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-3634

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-3634.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-3634

Aliases

Downstream

UBUNTU-CVE-2025-3634

Published

2025-04-25T14:15:22.917Z

Modified

2026-04-10T05:25:43.575858Z

Severity

4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N CVSS Calculator

Summary

[none]

Details

A security vulnerability was discovered in Moodle that allows students to enroll themselves in courses without completing all the necessary safety checks. Specifically, users can sign up for courses prematurely, even if they haven't finished two-step verification processes.

References

Affected packages

Git / github.com/moodle/moodle

Affected ranges

Type

GIT

Repo

https://github.com/moodle/moodle

Events

Introduced

fe7aff8093240cc373f1ddaa66ecb91c4bc0a09f

Fixed

73fc31dabf4feb33ef02167bd98063a3ceef89bb

Introduced

ee91c6536f99e1633e2245780c4fe7f47340ed66

Fixed

f22eed6b67af8d0c25732d549680482e1867cd34

Introduced

52c0da7c647bd6ba8c5f61882d88959821a1fb41

Fixed

8f0c7bb53cd3ead755e941183e6d3bd0ac717a19

Database specific

{
    "versions": [
        {
            "introduced": "4.3.0"
        },
        {
            "fixed": "4.3.12"
        },
        {
            "introduced": "4.4.0"
        },
        {
            "fixed": "4.4.8"
        },
        {
            "introduced": "4.5.0"
        },
        {
            "fixed": "4.5.4"
        }
    ]
}

Affected versions

v4.*

v4.3.0

v4.3.1

v4.3.10

v4.3.11

v4.3.2

v4.3.3

v4.3.4

v4.3.5

v4.3.6

v4.3.7

v4.3.8

v4.3.9

v4.4.0

v4.4.1

v4.4.2

v4.4.3

v4.4.4

v4.4.5

v4.4.6

v4.4.7

v4.5.0

v4.5.1

v4.5.2

v4.5.3

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-3634.json"