NIXPKGS-2026-0039

published on 18 Jan 2026

Permalink CVE-2025-62393

updated 1 month ago by @LeSuisse Activity log

Created automatic suggestion 3 months ago
@LeSuisse removed package moodle-dl 1 month ago
@LeSuisse removed maintainer @freezeboy 1 month ago
@LeSuisse accepted 1 month ago
@LeSuisse published on GitHub 1 month ago

Moodle: course access permissions not properly checked in course_output_fragment_course_overview

A flaw was found in the course overview output function where user access permissions were not fully enforced. This could allow unauthorized users to view information about courses they should not have access to, potentially exposing limited course details.

Affected products

moodle

<5.0.3

Matching in nixpkgs

pkgs.moodle

Free and open-source learning management system (LMS) written in PHP

nixos-unstable 5.0.2
- nixpkgs-unstable 5.0.2
- nixos-unstable-small 5.0.2

Package maintainers

Ignored maintainers (1)

@freezeboy freezeboy

Nixpkgs Security Tracker

Details of issue NIXPKGS-2026-0039

Affected products

Matching in nixpkgs

pkgs.moodle

Package maintainers