Nixpkgs Security Tracker

Permalink CVE-2012-1168

created 3 days, 17 hours ago

Moodle before 2.2.2 has a password and web services issue …

Moodle before 2.2.2 has a password and web services issue where when the user profile is updated the user password is reset if not specified.

Affected products

Moodle

==2.0 to 2.0.7+
==2.2 to 2.2.1+
==2.1 to 2.1.4+

Matching in nixpkgs

pkgs.moodle

Free and open-source learning management system (LMS) written in PHP

nixos-unstable 5.1.1
- nixpkgs-unstable 5.1.1
- nixos-unstable-small 5.1.1
nixos-25.11 5.0.4
- nixos-25.11-small 5.0.4
- nixpkgs-25.11-darwin 5.0.4

pkgs.moodle-dl

Moodle downloader that downloads course content fast from Moodle

nixos-unstable 2.3.13
- nixpkgs-unstable 2.3.13
- nixos-unstable-small 2.3.13
nixos-25.11 2.3.13
- nixos-25.11-small 2.3.13
- nixpkgs-25.11-darwin 2.3.13

Package maintainers

@freezeboy freezeboy
@kmein Kierán Meinhardt <kmein@posteo.de>

Permalink CVE-2012-1155

created 3 days, 18 hours ago

Moodle has a database activity export permission issue where the …

Moodle has a database activity export permission issue where the export function of the database activity module exports all entries even those from groups the user does not belong to

Affected products

Moodle

==1.9.x
==2.1.x
==2.2.x
==2.0.x

Matching in nixpkgs

pkgs.moodle

Free and open-source learning management system (LMS) written in PHP

nixos-unstable 5.1.1
- nixpkgs-unstable 5.1.1
- nixos-unstable-small 5.1.1
nixos-25.11 5.0.4
- nixos-25.11-small 5.0.4
- nixpkgs-25.11-darwin 5.0.4

pkgs.moodle-dl

Moodle downloader that downloads course content fast from Moodle

nixos-unstable 2.3.13
- nixpkgs-unstable 2.3.13
- nixos-unstable-small 2.3.13
nixos-25.11 2.3.13
- nixos-25.11-small 2.3.13
- nixpkgs-25.11-darwin 2.3.13

Package maintainers

@freezeboy freezeboy
@kmein Kierán Meinhardt <kmein@posteo.de>

Permalink CVE-2012-1158

created 3 days, 18 hours ago

Moodle before 2.2.2 has a course information leak in gradebook …

Moodle before 2.2.2 has a course information leak in gradebook where users are able to see hidden grade items in export

Affected products

Moodle

==2.2 to 2.2.1+
==2.1 to 2.1.4+

Matching in nixpkgs

pkgs.moodle

Free and open-source learning management system (LMS) written in PHP

nixos-unstable 5.1.1
- nixpkgs-unstable 5.1.1
- nixos-unstable-small 5.1.1
nixos-25.11 5.0.4
- nixos-25.11-small 5.0.4
- nixpkgs-25.11-darwin 5.0.4

pkgs.moodle-dl

Moodle downloader that downloads course content fast from Moodle

nixos-unstable 2.3.13
- nixpkgs-unstable 2.3.13
- nixos-unstable-small 2.3.13
nixos-25.11 2.3.13
- nixos-25.11-small 2.3.13
- nixpkgs-25.11-darwin 2.3.13

Package maintainers

@freezeboy freezeboy
@kmein Kierán Meinhardt <kmein@posteo.de>

Permalink CVE-2012-1159

created 3 days, 19 hours ago

Moodle before 2.2.2: Overview report allows users to see hidden …

Moodle before 2.2.2: Overview report allows users to see hidden courses

Affected products

Moodle

==2.2 to 2.2.1+
==2.1 to 2.1.4+

Matching in nixpkgs

pkgs.moodle

Free and open-source learning management system (LMS) written in PHP

nixos-unstable 5.1.1
- nixpkgs-unstable 5.1.1
- nixos-unstable-small 5.1.1
nixos-25.11 5.0.4
- nixos-25.11-small 5.0.4
- nixpkgs-25.11-darwin 5.0.4

pkgs.moodle-dl

Moodle downloader that downloads course content fast from Moodle

nixos-unstable 2.3.13
- nixpkgs-unstable 2.3.13
- nixos-unstable-small 2.3.13
nixos-25.11 2.3.13
- nixos-25.11-small 2.3.13
- nixpkgs-25.11-darwin 2.3.13

Package maintainers

@freezeboy freezeboy
@kmein Kierán Meinhardt <kmein@posteo.de>

Permalink CVE-2012-1156

created 3 days, 19 hours ago

Moodle before 2.2.2 has users' private files included in course …

Moodle before 2.2.2 has users' private files included in course backups

Affected products

Moodle

==2.0 to 2.0.7+
==2.2 to 2.2.1+
==2.1 to 2.1.4+

Matching in nixpkgs

pkgs.moodle

Free and open-source learning management system (LMS) written in PHP

nixos-unstable 5.1.1
- nixpkgs-unstable 5.1.1
- nixos-unstable-small 5.1.1
nixos-25.11 5.0.4
- nixos-25.11-small 5.0.4
- nixpkgs-25.11-darwin 5.0.4

pkgs.moodle-dl

Moodle downloader that downloads course content fast from Moodle

nixos-unstable 2.3.13
- nixpkgs-unstable 2.3.13
- nixos-unstable-small 2.3.13
nixos-25.11 2.3.13
- nixos-25.11-small 2.3.13
- nixpkgs-25.11-darwin 2.3.13

Package maintainers

@freezeboy freezeboy
@kmein Kierán Meinhardt <kmein@posteo.de>

Permalink CVE-2012-1161

created 3 days, 20 hours ago

Moodle before 2.2.2: Course information leak via hidden courses being …

Moodle before 2.2.2: Course information leak via hidden courses being displayed in tag search results

Affected products

Moodle

==2.2 to 2.2.1+
==2.1 to 2.1.4+

Matching in nixpkgs

pkgs.moodle

Free and open-source learning management system (LMS) written in PHP

nixos-unstable 5.1.1
- nixpkgs-unstable 5.1.1
- nixos-unstable-small 5.1.1
nixos-25.11 5.0.4
- nixos-25.11-small 5.0.4
- nixpkgs-25.11-darwin 5.0.4

pkgs.moodle-dl

Moodle downloader that downloads course content fast from Moodle

nixos-unstable 2.3.13
- nixpkgs-unstable 2.3.13
- nixos-unstable-small 2.3.13
nixos-25.11 2.3.13
- nixos-25.11-small 2.3.13
- nixpkgs-25.11-darwin 2.3.13

Package maintainers

@freezeboy freezeboy
@kmein Kierán Meinhardt <kmein@posteo.de>

Permalink CVE-2012-1157

created 3 days, 20 hours ago

Moodle before 2.2.2 has a default repository capabilities issue where …

Moodle before 2.2.2 has a default repository capabilities issue where all repositories are viewable by all users by default

Affected products

Moodle

==2.0 to 2.0.7+
==2.2 to 2.2.1+
==2.1 to 2.1.4+

Matching in nixpkgs

pkgs.moodle

Free and open-source learning management system (LMS) written in PHP

nixos-unstable 5.1.1
- nixpkgs-unstable 5.1.1
- nixos-unstable-small 5.1.1
nixos-25.11 5.0.4
- nixos-25.11-small 5.0.4
- nixpkgs-25.11-darwin 5.0.4

pkgs.moodle-dl

Moodle downloader that downloads course content fast from Moodle

nixos-unstable 2.3.13
- nixpkgs-unstable 2.3.13
- nixos-unstable-small 2.3.13
nixos-25.11 2.3.13
- nixos-25.11-small 2.3.13
- nixpkgs-25.11-darwin 2.3.13

Package maintainers

@freezeboy freezeboy
@kmein Kierán Meinhardt <kmein@posteo.de>

Permalink CVE-2012-1169

created 3 days, 22 hours ago

Moodle before 2.2.2 has Personal information disclosure, when administrative setting …

Moodle before 2.2.2 has Personal information disclosure, when administrative setting users name display is set to first name only full names are shown in page breadcrumbs.

Affected products

Moodle

==2.0 to 2.0.7+
==2.2 to 2.2.1+
==2.1 to 2.1.4+

Matching in nixpkgs

pkgs.moodle

Free and open-source learning management system (LMS) written in PHP

nixos-unstable 5.1.1
- nixpkgs-unstable 5.1.1
- nixos-unstable-small 5.1.1
nixos-25.11 5.0.4
- nixos-25.11-small 5.0.4
- nixpkgs-25.11-darwin 5.0.4

pkgs.moodle-dl

Moodle downloader that downloads course content fast from Moodle

nixos-unstable 2.3.13
- nixpkgs-unstable 2.3.13
- nixos-unstable-small 2.3.13
nixos-25.11 2.3.13
- nixos-25.11-small 2.3.13
- nixpkgs-25.11-darwin 2.3.13

Package maintainers

@freezeboy freezeboy
@kmein Kierán Meinhardt <kmein@posteo.de>

Permalink CVE-2012-1160

created 3 days, 22 hours ago

Moodle before 2.2.2 has a permission issue in Forum Subscriptions …

Moodle before 2.2.2 has a permission issue in Forum Subscriptions where unenrolled users can subscribe/unsubscribe via mod/forum/index.php

Affected products

Moodle

==2.2 to 2.2.1+
==2.1 to 2.1.4+

Matching in nixpkgs

pkgs.moodle

Free and open-source learning management system (LMS) written in PHP

nixos-unstable 5.1.1
- nixpkgs-unstable 5.1.1
- nixos-unstable-small 5.1.1
nixos-25.11 5.0.4
- nixos-25.11-small 5.0.4
- nixpkgs-25.11-darwin 5.0.4

pkgs.moodle-dl

Moodle downloader that downloads course content fast from Moodle

nixos-unstable 2.3.13
- nixpkgs-unstable 2.3.13
- nixos-unstable-small 2.3.13
nixos-25.11 2.3.13
- nixos-25.11-small 2.3.13
- nixpkgs-25.11-darwin 2.3.13

Package maintainers

@freezeboy freezeboy
@kmein Kierán Meinhardt <kmein@posteo.de>

Permalink CVE-2012-1170

created 3 days, 22 hours ago

Moodle before 2.2.2 has an external enrolment plugin context check …

Moodle before 2.2.2 has an external enrolment plugin context check issue where capability checks are not thorough

Affected products

Moodle

==2.2 to 2.2.1+

Matching in nixpkgs

pkgs.moodle

Free and open-source learning management system (LMS) written in PHP

nixos-unstable 5.1.1
- nixpkgs-unstable 5.1.1
- nixos-unstable-small 5.1.1
nixos-25.11 5.0.4
- nixos-25.11-small 5.0.4
- nixpkgs-25.11-darwin 5.0.4

pkgs.moodle-dl

Moodle downloader that downloads course content fast from Moodle

nixos-unstable 2.3.13
- nixpkgs-unstable 2.3.13
- nixos-unstable-small 2.3.13
nixos-25.11 2.3.13
- nixos-25.11-small 2.3.13
- nixpkgs-25.11-darwin 2.3.13

Package maintainers

@freezeboy freezeboy
@kmein Kierán Meinhardt <kmein@posteo.de>

Suggestions search

Affected products

Matching in nixpkgs

pkgs.moodle

pkgs.moodle-dl

Package maintainers

Affected products

Matching in nixpkgs

pkgs.moodle

pkgs.moodle-dl

Package maintainers

Affected products

Matching in nixpkgs

pkgs.moodle

pkgs.moodle-dl

Package maintainers

Affected products

Matching in nixpkgs

pkgs.moodle

pkgs.moodle-dl

Package maintainers

Affected products

Matching in nixpkgs

pkgs.moodle

pkgs.moodle-dl

Package maintainers

Affected products

Matching in nixpkgs

pkgs.moodle

pkgs.moodle-dl

Package maintainers

Affected products

Matching in nixpkgs

pkgs.moodle

pkgs.moodle-dl

Package maintainers

Affected products

Matching in nixpkgs

pkgs.moodle

pkgs.moodle-dl

Package maintainers

Affected products

Matching in nixpkgs

pkgs.moodle

pkgs.moodle-dl

Package maintainers

Affected products

Matching in nixpkgs

pkgs.moodle

pkgs.moodle-dl

Package maintainers