CVE-2024-46062 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Miniconda3 macOS installers before 23.11.0-1 contain a local privilege escalation vulnerability when installed outside the user's home directory. During install…
High CVSS: 7.8

CVE-2024-46062

Miniconda3 macOS installers before 23.11.0-1 contain a local privilege escalation vulnerability when installed outside the user's home directory. During installation, world-writable files are created and executed with root privileges. This flaw allows a local low-privileged user to inject arbitrary commands, leading to code execution as the root user.
Vendor
Conda
Product
Miniconda3
CWE
CWE-77
Yayın Tarihi
2025-12-17 19:16:00
Güncelleme
2026-01-05 14:37:33
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-77 Miniconda3 HIGH Conda 2025

Referanslar

https://m8sec.dev/blog/privilege-escalation-macos-pkg-installers/ https://www.anaconda.com/docs/getting-started/miniconda/release/23.x#miniconda-23-11-0-1