Vulnerabilidades en conda-forge
9 resultadosCVE-2025-27510CRITICALRCE in the package conda-forge-metadataEPSS 0.6%CVE-2025-49843LOWconda-smithy Has Incorrect Default File PermissionsEPSS 0.5%CVE-2025-31484CRITICALconda-forge infrastructure uses a bad token for Azure's cf-staging accessEPSS 0.4%CVE-2025-49824LOWconda-smithy Insecure Encryption Vulnerable to Oracle Padding AttackEPSS 0.2%CVE-2025-32784HIGHconda-forge-webservices has an Unauthorized Artifact Modification Race ConditionEPSS 0.2%CVE-2026-46699HIGHconda-smithy vulnerable to misrouted repository invitation by conda-forge-webservices[bot] due to GitHub username takeover leading to unintended write access in conda-forge feedstock repositoryEPSS 0.2%CVE-2025-35471HIGHconda-forge openssl-feedstock writable OPENSSLDIREPSS 0.2%CVE-2025-49842LOWconda-forge-webservices Privilege Escalation Risk via Default Docker Root UserEPSS 0.2%CVE-2025-49598MEDIUMconda-forge-ci-setup Allows Arbitrary Code Execution via Insecure Version ParsingEPSS 0.1%