Vulnerabilities in conda
6 resultsCVE-2025-32799MEDIUMConda-build Vulnerable to Path Traversal via Malicious Tar FileEPSS 1.3%CVE-2025-32798HIGHConda-build Allows Arbitrary Code Execution via Malicious Recipe SelectorsEPSS 0.7%CVE-2025-32800HIGHConda-build vulnerable to supply chain attack vector due to pyproject.toml referring to dependencies not present in PyPIEPSS 0.5%CVE-2025-49823NONEConda Constructor Command Injection via Unsanitized User Input (Low)EPSS 0.1%CVE-2025-32797MEDIUMConda-build Insecure Build Script Permissions Enabling Arbitrary Code ExecutionEPSS 0.1%CVE-2025-64343HIGH(conda) Constructor: Excessive permissions during and after installationEPSS 0.1%