Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/06/16 10:23 p.m.6 views

CVE-2025-32798

The conda-build contains commands and tools to build conda packages. The conda-build recipe processing logic was found to be vulnerable to arbitrary code execution due to unsafe evaluation of recipe selectors. Currently, conda-build uses the eval function to process embedded selectors in meta.yam...

9.8CVSS7.3AI score0.00695EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/06/16 8:10 p.m.3 views

CVE-2025-32798 Conda-build Allows Arbitrary Code Execution via Malicious Recipe Selectors

Conda-build contains commands and tools to build conda packages. Prior to version 25.4.0, the conda-build recipe processing logic has been found to be vulnerable to arbitrary code execution due to unsafe evaluation of recipe selectors. Currently, conda-build uses the eval function to process...

9.2CVSS7.5AI score0.00695EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/06/16 8:10 p.m.21 views

CVE-2025-32798 Conda-build Allows Arbitrary Code Execution via Malicious Recipe Selectors

Conda-build contains commands and tools to build conda packages. Prior to version 25.4.0, the conda-build recipe processing logic has been found to be vulnerable to arbitrary code execution due to unsafe evaluation of recipe selectors. Currently, conda-build uses the eval function to process...

9.2CVSS0.00695EPSS
Exploits1References3
CVE
CVE
added 2025/06/16 8:10 p.m.54 views

CVE-2025-32798

Conda-build (prior to 25.4.0) is vulnerable to arbitrary code execution due to unsafe evaluation of recipe selectors, currently using eval to process embedded selectors in meta.yaml files. This un sanitised input allows execution of malicious code during the build process, compromising the build ...

9.8CVSS8.1AI score0.00695EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder