本ページは hcl aion に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2025-52648 | HCL AION is affected by a vulnerability where offering images are not digitally signed. Lack of image signing may allow the use of unverified or tampered images, potentially leading to security risks such as integrity compromise or unintended behavior in the system | [email protected] | 4.8 | 0.12% | 2026-03-16 | 2026-06-17 |
| CVE-2025-52638 | HCL AION is affected by a vulnerability where generated containers may execute binaries with root-level privileges. Running containers with root privileges may increase the potential security risk, as it grants elevated permissions within the container environment. Aligning container configurations with security best practices requires minimizing privileges and avoiding root-level execution wherever possible. | [email protected] | 5.6 | 0.13% | 2026-03-16 | 2026-06-17 |
| CVE-2025-52637 | HCL AION is affected by a vulnerability where certain offering configurations may permit execution of potentially harmful SQL queries. Improper validation or restrictions on query execution could expose the system to unintended database interactions or limited information exposure under specific conditions. | [email protected] | 4.5 | 0.22% | 2026-03-16 | 2026-06-17 |