Количество 3
Количество 3
CVE-2023-35845
Anaconda 3 2023.03-1-Linux allows local users to disrupt TLS certificate validation by modifying the cacert.pem file used by the installed pip program. This occurs because many files are installed as world-writable on Linux, ignoring umask, even when these files are installed as root. Miniconda is also affected.
GHSA-hhfv-2xc3-52h6
Anaconda 3 2023.03-1-Linux allows local users to disrupt TLS certificate validation by modifying the cacert.pem file used by the installed pip program. This occurs because many files are installed as world-writable on Linux, ignoring umask, even when these files are installed as root. Miniconda is also affected.
BDU:2023-07245
Уязвимость дистрибутива языка программирования Python Anaconda, связанная с возможностью записи в файлы в директории anaconda3, позволяющая нарушителю вызвать отказ в обслуживании
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-35845 Anaconda 3 2023.03-1-Linux allows local users to disrupt TLS certificate validation by modifying the cacert.pem file used by the installed pip program. This occurs because many files are installed as world-writable on Linux, ignoring umask, even when these files are installed as root. Miniconda is also affected. | CVSS3: 4.7 | 0% Низкий | почти 2 года назад |
| GHSA-hhfv-2xc3-52h6 Anaconda 3 2023.03-1-Linux allows local users to disrupt TLS certificate validation by modifying the cacert.pem file used by the installed pip program. This occurs because many files are installed as world-writable on Linux, ignoring umask, even when these files are installed as root. Miniconda is also affected. | CVSS3: 4.7 | 0% Низкий | почти 2 года назад |
 | BDU:2023-07245 Уязвимость дистрибутива языка программирования Python Anaconda, связанная с возможностью записи в файлы в директории anaconda3, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 4.7 | 0% Низкий | почти 2 года назад |
Уязвимостей на страницу