NIXPKGS-2026-0038

published on 18 Jan 2026

Permalink CVE-2025-62400

updated 1 month ago by @LeSuisse Activity log

Created automatic suggestion 3 months ago
@LeSuisse removed package moodle-dl 1 month ago
@LeSuisse removed
2 maintainers
- @kmein
- @freezeboy
1 month ago
@LeSuisse accepted 1 month ago
@LeSuisse published on GitHub 1 month ago

Moodle: hidden group names visible to event creators

Moodle exposed the names of hidden groups to users who had permission to create calendar events but not to view hidden groups. This could reveal private or restricted group information.

Affected products

moodle

<4.1.21
<4.5.7
<4.4.11
<5.0.3

Matching in nixpkgs

pkgs.moodle

Free and open-source learning management system (LMS) written in PHP

nixos-unstable 5.0.2
- nixpkgs-unstable 5.0.2
- nixos-unstable-small 5.0.2

Package maintainers

Ignored maintainers (1)

@freezeboy freezeboy

Nixpkgs Security Tracker

Details of issue NIXPKGS-2026-0038

Affected products

Matching in nixpkgs

pkgs.moodle

Package maintainers