Certain Anaconda3 2021.05 are affected by OS command injection. When a user installs Anaconda, an attacker can create a new file and write something in usercustomize.py. When the user opens the terminal or activates Anaconda, the command will be executed.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HAnaconda Anaconda3
APPAnaconda2021.05
Related vulnerabilities
Anaconda3 macOS installers before 2024.06-1 contain a local privilege escalation vulnerability when installed ...
Anaconda Anaconda3 (Anaconda Distribution) through 2021.11.0.0 and Miniconda3 through 4.11.0.0 can create a wo...
Anaconda 3 2023.03-1-Linux allows local users to disrupt TLS certificate validation by modifying the cacert.pe...
An issue was discovered in the Dask distributed package before 2021.10.0 for Python. Single machine Dask clust...
Conda-build contains commands and tools to build conda packages. Prior to version 25.4.0, the conda-build reci...