Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Anaconda 3 2023.03-1-Linux allows local users to disrupt TLS certificate validation by modifying the cacert.pem file used by the installed pip program. This occurs because many files are installed as world-writable on Linux, ignoring umask, even when these files are installed as root. Miniconda is also affected.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Anaconda3 信任管理问题漏洞
Vulnerability Description
Anaconda3是美国Anaconda公司的一个用于科学计算(数据科学、机器学习应用程序、大规模数据处理、预测分析等)的 Python 和 R 编程语言的发行版。致力于简化软件包管理系统和部署。 Anaconda3 2023.03-1-Linux版本存在安全漏洞,该漏洞源于允许本地用户通过修改已安装的pip程序中断TLS证书验证。
CVSS Information
N/A
Vulnerability Type
N/A