Lucene search
K

8 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-6186

Malicious code in bioql PyPI...

9.3CVSS6.6AI score0.00582EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/03/06 10:47 p.m.8 views

CVE-2025-27510

conda-forge-metadata provides programatic access to conda-forge's metadata. conda-forge-metadata uses an optional dependency - "conda-oci-mirror" which was neither present on the PyPi repository nor registered by any entity. If conda-oci-mirror is taken over by a threat actor, it can result in...

9.3CVSS7.7AI score0.00582EPSS
Exploits0References1
Snyk
Snyk
added 2025/03/04 10:40 p.m.1 views

Unsafe Dependency Resolution

Overview conda-forge-metadata is a programatic access to conda-forge's metadata Affected versions of this package are vulnerable to Unsafe Dependency Resolution due to an unclaimed optional dependency. The package specifies an optional dependency on conda-oci-mirror, which is neither present on t...

10CVSS6.8AI score0.00582EPSS
Exploits0References2
NVD
NVD
added 2025/03/04 10:15 p.m.4 views

CVE-2025-27510

conda-forge-metadata provides programatic access to conda-forge's metadata. conda-forge-metadata uses an optional dependency - "conda-oci-mirror" which was neither present on the PyPi repository nor registered by any entity. If conda-oci-mirror is taken over by a threat actor, it can result in...

9.3CVSS0.00582EPSS
Exploits0References2
OSV
OSV
added 2025/03/04 9:48 p.m.4 views

CVE-2025-27510 RCE in the package conda-forge-metadata

conda-forge-metadata provides programatic access to conda-forge's metadata. conda-forge-metadata uses an optional dependency - "conda-oci-mirror" which was neither present on the PyPi repository nor registered by any entity. If conda-oci-mirror is taken over by a threat actor, it can result in...

9.3CVSS8.1AI score0.00582EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/03/04 9:48 p.m.22 views

CVE-2025-27510 RCE in the package conda-forge-metadata

conda-forge-metadata provides programatic access to conda-forge's metadata. conda-forge-metadata uses an optional dependency - "conda-oci-mirror" which was neither present on the PyPi repository nor registered by any entity. If conda-oci-mirror is taken over by a threat actor, it can result in...

9.3CVSS0.00582EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/03/04 9:48 p.m.3 views

CVE-2025-27510 RCE in the package conda-forge-metadata

conda-forge-metadata provides programatic access to conda-forge's metadata. conda-forge-metadata uses an optional dependency - "conda-oci-mirror" which was neither present on the PyPi repository nor registered by any entity. If conda-oci-mirror is taken over by a threat actor, it can result in...

9.3CVSS7.9AI score0.00582EPSS
Exploits0References2
CVE
CVE
added 2025/03/04 9:48 p.m.47 views

CVE-2025-27510

CVE-2025-27510 concerns conda-forge-metadata which relies on an optional dependency, conda-oci-mirror, that was neither present on PyPI nor registered by any entity. If an attacker gains control of that dependency, it could enable remote code execution via the affected package’s metadata access. ...

9.3CVSS7.9AI score0.00582EPSS
Exploits0References2
Rows per page
Query Builder