Nixpkgs Security Tracker

Dismissed

Permalink CVE-2025-52627

5.5 MEDIUM

CVSS version: 3.1
Attack vector (AV): PHYSICAL
Attack complexity (AC): HIGH
Privileges required (PR): LOW
User interaction (UI): REQUIRED
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): NONE

updated 1 month, 2 weeks ago by @jopejoe1 Activity log

Created automatic suggestion 1 month, 2 weeks ago
@jopejoe1 removed
15 packages
- python312Packages.aionut
- python313Packages.aionut
- python314Packages.aionut
- python312Packages.aiontfy
- python313Packages.aiontfy
- python314Packages.aiontfy
- python312Packages.aionotion
- python313Packages.aionotion
- python314Packages.aionotion
- python312Packages.aionanoleaf
- python313Packages.aionanoleaf
- python314Packages.aionanoleaf
- python312Packages.electrum-aionostr
- python313Packages.electrum-aionostr
- python314Packages.electrum-aionostr
1 month, 2 weeks ago
@jopejoe1 dismissed 1 month, 2 weeks ago

HCL AION is susceptible to Incorrect Permission Assignment for Critical Resource

Root File System Not Mounted as Read-Only configuration vulnerability. This can allow unintended modifications to critical system files, potentially increasing the risk of system compromise or unauthorized changes.This issue affects AION: 2.0.

References

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0127972

Affected products

AION

==2.0

Not present in nixpkgs

Suggestion detail

References

Affected products