UBUNTU-CVE-2025-62393

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2025-62393

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-62393.json

JSON Data

https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2025-62393

Upstream

CVE-2025-62393

Published

2025-10-23T12:15:00Z

Modified

2025-11-18T05:26:48Z

Severity

4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
Ubuntu - medium

Summary

[none]

Details

A flaw was found in the course overview output function where user access permissions were not fully enforced. This could allow unauthorized users to view information about courses they should not have access to, potentially exposing limited course details.

References

Affected packages

Ubuntu:16.04:LTS / moodle

Package

Name: moodle
Purl: pkg:deb/ubuntu/moodle@3.0.3+dfsg-0ubuntu1?arch=source&distro=xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.7.9+dfsg-1

2.7.10+dfsg-1

2.7.11+dfsg-1

2.7.11+dfsg-2

2.7.12+dfsg-1

3.*

3.0.3+dfsg-0ubuntu1

Ecosystem specific

{
    "binaries": [
        {
            "binary_version": "3.0.3+dfsg-0ubuntu1",
            "binary_name": "moodle"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-62393.json"

Ubuntu:18.04:LTS / moodle