Описание
conda-forge-metadata provides programatic access to conda-forge's metadata. conda-forge-metadata uses an optional dependency - "conda-oci-mirror" which was neither present on the PyPi repository nor registered by any entity. If conda-oci-mirror is taken over by a threat actor, it can result in remote code execution.
Ссылки
EPSS
Процентиль: 75%
0.0089
Низкий
Дефекты
CWE-829
EPSS
Процентиль: 75%
0.0089
Низкий
Дефекты
CWE-829