CVE-2025-64343

Description

(conda) Constructor is a tool that enables users to create installers for conda package collections. In versions 3.12.2 and below, the installation directory inherits permissions from its parent directory. Outside of restricted directories, the permissions are very permissive and often allow write access by authenticated users. Any logged in user can make modifications during the installation for both single-user and all-user installations. This constitutes a local attack vector if the installation is in a directory local users have access to. For single-user installations in a shared directory, these permissions persist after the installation. This issue is fixed in version 3.13.0.

CVSS v3.1 Score

7.8

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Weakness Type (CWE)

CWE-289 CWE-289

References

Other References

https://github.com/conda/constructor/commit/c368383710a7c2b81ad1b0ecb9724b38d3577447 https://github.com/conda/constructor/releases/tag/3.13.0 https://github.com/conda/constructor/security/advisories/GHSA-vvpr-2qg4-2mrq

Frequently Asked Questions

What is CVE-2025-64343? +

(conda) Constructor is a tool that enables users to create installers for conda package collections. In versions 3.12.2 and below, the installation directory inherits permissions from its parent directory. Outside of restricted directories, the permissions are very permissive and often allow write access by authenticated users. Any logged in user can make modifications during the installation for both single-user and all-user installations. This constitutes a local attack vector if the installation is in a directory local users have access to. For single-user installations in a shared directory, these permissions persist after the installation. This issue is fixed in version 3.13.0. It has a CVSS v3.1 base score of 7.8 (HIGH).

How severe is CVE-2025-64343? +

CVE-2025-64343 has a CVSS v3.1 score of 7.8 out of 10, rated HIGH. This is a high-severity vulnerability that should be prioritized for patching.

How do I check if I'm vulnerable to CVE-2025-64343? +

You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.

Related Vulnerabilities

CVE-2025-13613 9.8

The Elated Membership plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.2. This …

CVE-2024-56511 9.8

DataEase is an open source data visualization analysis tool. Prior to 2.10.4, there is a flaw in the authentication in …

CVE-2025-29266 9.6

Unraid 7.0.0 before 7.0.1 allows remote users to access the Unraid WebGUI and web console as root without authentication if …

CVE-2024-55634 8.1

A vulnerability in Drupal Core allows Privilege Escalation.This issue affects Drupal Core: from 8.0.0 before 10.2.11, from 10.3.0 before 10.3.9, …

CVE-2025-41248 7.5

The Spring Security annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super …

CVE-2024-2098 7.5

The Download Manager plugin for WordPress is vulnerable to unauthorized access of data due to an improper authorization check on …