UBUNTU-CVE-2025-3625

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2025-3625

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-3625.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2025-3625

Upstream

CVE-2025-3625

Published

2025-04-25T15:15:00Z

Modified

2025-07-16T07:21:18.915655Z

Severity

7.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H CVSS Calculator
Ubuntu - medium

Summary

[none]

Details

A security vulnerability was discovered in Moodle that can allow hackers to gain access to sensitive information about students and prevent them from logging into their accounts, even after they had completed two-factor authentication (2FA).

References

Affected packages

Ubuntu:Pro:16.04:LTS / moodle

Package

Name: moodle
Purl: pkg:deb/ubuntu/moodle@3.0.3+dfsg-0ubuntu1?arch=source&distro=esm-apps/xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.7.9+dfsg-1

2.7.10+dfsg-1

2.7.11+dfsg-1

2.7.11+dfsg-2

2.7.12+dfsg-1

3.*

3.0.3+dfsg-0ubuntu1

Ubuntu:Pro:18.04:LTS / moodle

Package

Name: moodle
Purl: pkg:deb/ubuntu/moodle@3.0.3+dfsg-0ubuntu1?arch=source&distro=esm-apps/bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.0.3+dfsg-0ubuntu1