CVE-2025-32797 | conda-build up to 25.3.0 File Creation conda_build.sh write_build_scripts insecure inherited permissions (GHSA-vfp6-3v8g-vcmm)

A vulnerability was found in conda-build up to 25.3.0. It has been classified as problematic. Affected is the function write_build_scripts of the file conda_build.sh of the component File Creation Handler. The manipulation leads to insecure inherited permissions.

This vulnerability is traded as CVE-2025-32797. It is possible to launch the attack on the local host. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More