Nixpkgs Security Tracker

Login with GitHub

Suggestion detail

Dismissed
Permalink CVE-2025-55252
3.1 LOW
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): HIGH
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): LOW
  • Availability impact (A): NONE
updated 2 months ago by @mweinelt Activity log
  • Created automatic suggestion 2 months ago
  • @mweinelt removed
    10 packages
    • python312Packages.aionut
    • python313Packages.aionut
    • python312Packages.aiontfy
    • python313Packages.aiontfy
    • python312Packages.aionotion
    • python313Packages.aionotion
    • python312Packages.aionanoleaf
    • python313Packages.aionanoleaf
    • python313Packages.electrum-aionostr
    • python312Packages.electrum-aionostr
    2 months ago
  • @mweinelt dismissed 2 months ago
HCL AION is affected by a Weak Password Policy vulnerability

HCL AION  version 2 is affected by a Weak Password Policy vulnerability. This can  allow the use of easily guessable passwords, potentially resulting in unauthorized access

References

Affected products

AION
  • ==2 
Not packaged