CVE-2025-49843 | conda-forge conda-smithy up to 3.47.0 Configuration File travis_headers default permission (GHSA-h9v8-rrqg-3m95)

A vulnerability was found in conda-forge conda-smithy up to 3.47.0 and classified as critical. This issue affects the function travis_headers of the component Configuration File Handler. The manipulation leads to incorrect default permissions.

The identification of this vulnerability is CVE-2025-49843. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More