5 matches found
EUVD-2025-11099
Malicious code in bioql PyPI...
CVE-2025-32784
conda-forge-webservices is the web app deployed to run conda-forge admin commands and linting. In versions prior to 2025.4.10, a race condition vulnerability has been identified in the conda-forge-webservices component used within the shared build infrastructure. This vulnerability, categorized a...
CVE-2025-32784 conda-forge-webservices has an Unauthorized Artifact Modification Race Condition
conda-forge-webservices is the web app deployed to run conda-forge admin commands and linting. In versions prior to 2025.4.10, a race condition vulnerability has been identified in the conda-forge-webservices component used within the shared build infrastructure. This vulnerability, categorized a...
CVE-2025-32784
Conda-forge-webservices (versions prior to 2025.4.10) is vulnerable to an unauthorized artifact modification race condition (TOCTOU). The issue arises from a lack of atomicity between hash validation and the artifact copy, allowing an attacker with cf-staging access to overwrite a verified artifa...
CVE-2025-32784 conda-forge-webservices has an Unauthorized Artifact Modification Race Condition
conda-forge-webservices is the web app deployed to run conda-forge admin commands and linting. In versions prior to 2025.4.10, a race condition vulnerability has been identified in the conda-forge-webservices component used within the shared build infrastructure. This vulnerability, categorized a...