Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/06/16 8:54 p.m.7 views

CVE-2025-32797

The Conda-build contains commands and tools to build Conda packages. Prior to version 25.3.1, The writebuildscripts function in conda-build creates the temporary build script condabuild.sh with overly permissive file permissions 0o766, allowing write access to all users. This flaw allows attacker...

7CVSS7.2AI score0.00143EPSS
Exploits0References2
Circl
Circl
added 2025/06/16 7:26 p.m.14 views

CVE-2025-32797

creationtimestamp| type| source ---|---|--- 2025-06-16 19:26:55+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114694685602522986 2025-06-16 20:37:10+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/18527 2025-12-17 14:22:27+00:00| seen|...

7CVSS4.8AI score0.00143EPSS
Exploits0References3
NVD
NVD
added 2025/06/16 7:15 p.m.13 views

CVE-2025-32797

Conda-build contains commands and tools to build conda packages. Prior to version 25.3.1, the writebuildscripts function in conda-build creates the temporary build script condabuild.sh with overly permissive file permissions 0o766, allowing write access to all users. Attackers with filesystem...

7CVSS0.00143EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/06/16 6:46 p.m.4 views

CVE-2025-32797 Conda-build Insecure Build Script Permissions Enabling Arbitrary Code Execution

Conda-build contains commands and tools to build conda packages. Prior to version 25.3.1, the writebuildscripts function in conda-build creates the temporary build script condabuild.sh with overly permissive file permissions 0o766, allowing write access to all users. Attackers with filesystem...

6CVSS8.1AI score0.00143EPSS
Exploits0References4
CVE
CVE
added 2025/06/16 6:46 p.m.35 views

CVE-2025-32797

Conda-build before 25.3.1 creates a temporary build script (conda_build.sh) with overly permissive 0o766 permissions. A local attacker with filesystem access can race between creation and execution to overwrite the script, enabling arbitrary code execution under the victim’s privileges. Fedora an...

7CVSS7.4AI score0.00143EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder