CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-42969

Certain Anaconda3 2021.05 are affected by OS command injection. When a user installs Anaconda, an attacker can create a new file and write something in usercustomize.py. When the user opens the terminal or activates Anaconda, the command will be executed.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.019

EPSS Ranking 82.4%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 9.3

References

https://yuaneuro.cn/anaconda/anaconda_command_execution.docx
https://yuaneuro.cn/anaconda/anaconda_command_execution.docx

Products affected by CVE-2021-42969

Anaconda » Anaconda3 » Version: 2021.05

cpe:2.3:a:anaconda:anaconda3:2021.05

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-42969

Products

Pricing

Contact Us