CVE-2025-49843
BaseFortify
Publication date: 2025-06-17
Last updated on: 2025-06-18
Assigner: GitHub, Inc.
Description
Exploitability
| CWE ID | Description |
|---|---|
| CWE-276 | During installation, installed file permissions are set to allow anyone to modify those files. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in conda-smithy (up to version 3.47.0) involves the travis_headers function creating files with permissions broader than 0o600, meaning the files can be read or modified by users other than the intended owner. This violates the principle of least privilege by not restricting file permissions to the minimum necessary. An attacker in a shared hosting environment could exploit this to access sensitive configuration files. The issue was fixed in version 3.47.1 by enforcing stricter file permissions. [1]
How can this vulnerability impact me?
If you use conda-smithy versions up to 3.47.0, this vulnerability could allow an attacker in a shared hosting environment to read or modify your configuration files due to overly permissive file permissions. This could lead to information disclosure or unauthorized code execution, potentially compromising your system or build processes. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
You can detect this vulnerability by checking the file permissions of files created by the travis_headers function in conda-smithy, especially those related to Travis CI tokens or configuration files. Look for files with permissions broader than 0o600 (i.e., permissions that allow read or write access to group or others). For example, on a Unix-like system, you can run commands like: `ls -l path/to/travis_token_file` to inspect permissions. To find files with overly permissive settings, you can use: `find path/to/conda-smithy -type f ! -perm 600` which lists files not having exactly 600 permissions. These checks help identify files that may expose sensitive information due to incorrect permissions. [1]
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation steps are to upgrade conda-smithy to version 3.47.1 or later, where the issue has been patched by enforcing stricter file permissions. Until you upgrade, avoid using the Travis CI registration feature in conda-smithy to prevent creating files with insecure permissions. Additionally, you can manually correct file permissions on existing files created by the vulnerable versions by setting them to 600 using a command like `chmod 600 path/to/travis_token_file` to restrict access to the owner only. [1]
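The two checks above (flagging files that grant group/other access, and creating a token file with owner-only permissions regardless of umask) as an added Python example; this is not conda-smithy's code, and the file names and token contents are constructed placeholders. Unlike `find ... ! -perm 600`, the checker only flags group/other bits, so an owner-only 0o700 file is not reported.

```python
"""Added example (not conda-smithy's code): detect files readable or writable
by group/others (the CWE-276 condition) and create a private file safely."""
import os
import stat
import tempfile

# Any of these bits set means someone other than the owner has access (0o077).
GROUP_OTHER_BITS = stat.S_IRWXG | stat.S_IRWXO


def overly_permissive(paths):
    """Return the subset of paths whose mode grants any group/other access."""
    return [p for p in paths if os.stat(p).st_mode & GROUP_OTHER_BITS]


def write_private_file(path, data):
    """Create `path` with mode 0o600 even under a permissive umask.

    The mode passed to os.open is masked by the umask, so fchmod on the open
    descriptor guarantees the final mode; O_EXCL refuses to reuse a file that
    already exists at that path. Returns the resulting permission bits.
    """
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    try:
        os.fchmod(fd, 0o600)
        os.write(fd, data)
    finally:
        os.close(fd)
    return stat.S_IMODE(os.stat(path).st_mode)


def demo():
    """Constructed sample: one world-readable token file, one private one."""
    d = tempfile.mkdtemp()
    loose = os.path.join(d, "travis_token_loose")  # hypothetical file name
    with open(loose, "w") as f:
        f.write("constructed-placeholder-token\n")
    os.chmod(loose, 0o644)  # what a umask-dependent create typically yields
    tight = os.path.join(d, "travis_token_tight")  # hypothetical file name
    mode = write_private_file(tight, b"constructed-placeholder-token\n")
    flagged = overly_permissive([loose, tight])
    return [os.path.basename(p) for p in flagged], mode


if __name__ == "__main__":
    print(demo())  # -> (['travis_token_loose'], 384)  i.e. 0o600
```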