Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

conda — Vulnerabilities & Security Advisories 6

Browse all 6 CVE security advisories affecting conda. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by conda:conda-buildconstructor
CVE IDTitleCVSSSeverityPublished
CVE-2025-64343 (conda) Constructor: Excessive permissions during and after installation — constructorCWE-289 7.8 High2025-11-07
CVE-2025-49823 Conda Constructor Command Injection via Unsanitized User Input (Low) — constructorCWE-77--2025-06-17
CVE-2025-32800 Conda-build vulnerable to supply chain attack vector due to pyproject.toml referring to dependencies not present in PyPI — conda-buildCWE-1357 9.8AICriticalAI2025-06-16
CVE-2025-32799 Conda-build Vulnerable to Path Traversal via Malicious Tar File — conda-buildCWE-22 9.8AICriticalAI2025-06-16
CVE-2025-32798 Conda-build Allows Arbitrary Code Execution via Malicious Recipe Selectors — conda-buildCWE-94 8.8AIHighAI2025-06-16
CVE-2025-32797 Conda-build Insecure Build Script Permissions Enabling Arbitrary Code Execution — conda-buildCWE-277 7.0AIHighAI2025-06-16

This page lists every published CVE security advisory associated with conda. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.