Anaconda3

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:a:anaconda:anaconda3:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorAnaconda (3b46250f-37c4-5689-8080-4097943a18fc)
ProductAnaconda3 (97dd9cb1-1619-58cd-a3e5-1d9b98f18fae)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2024-46060 vulnerable 2026-06-08 06:48:09.923706 Details available
Anaconda3 macOS installers before 2024.06-1 contain a local privilege escalation vulnerability when installed outside the user's home directory. During installation, world-writable files are created and executed with root privileges. This allows a local low-privileged user to inject arbitrary commands, leading to code execution as the root user.
Published: 2025-12-17T00:00:00.000Z
Updated: 2025-12-18T18:52:56.399Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-26526 vulnerable 2026-06-08 05:41:52.356900 Details available
Anaconda Anaconda3 (Anaconda Distribution) through 2021.11.0.0 and Miniconda3 through 4.11.0.0 can create a world-writable directory under %PROGRAMDATA% and place that directory into the system PATH environment variable. Thus, for example, local users can gain privileges by placing a Trojan horse file into that directory. (This problem can only happen in a non-default installation. The person who installs the product must specify that it is being installed for all users. Also, the person who installs the product must specify that the system PATH should be changed.
Published: 2022-03-17T14:57:36.000Z
Updated: 2024-08-03T05:03:32.786Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.