CVE-2025-32798 Conda-build Allows Arbitrary Code Execution via Malicious Recipe Selectors
Conda-build contains commands and tools to build conda packages. Prior to version 25.4.0, the conda-build recipe processing logic has been found to be vulnerable to arbitrary code execution due to unsafe evaluation of recipe selectors. Currently, conda-build uses the eval function to process...