CVE-2025-35471 – Conda Forge OpenSSL-Feedstock Local Privilege Escalation

May 13, 2025

CVE ID : CVE-2025-35471

Published : May 13, 2025, 2:15 a.m. | 49 minutes ago

Description : conda-forge openssl-feedstock before 066e83c (2024-05-20), on Microsoft Windows, configures OpenSSL to use an OPENSSLDIR file path that can be written to by non-privilged local users. By writing a specially crafted openssl.cnf file in OPENSSLDIR, a non-privileged local user can execute arbitrary code with the privileges of the user or process loading openssl-feedstock DLLs. Miniforge before 24.5.0 is also affected.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous Article7 Best Free and Open Source Console Web Browsers

Next Article CVE-2025-43011 – SAP Landscape Transformation Authorization Bypass Vulnerability

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

This $4 Steam Deck game includes the most-played classics from my childhood — and it will save you paper

Microsoft shares rare look at radical Windows 11 Start menu designs it explored before settling on the least interesting one of the bunch

NVIDIA’s new GPU driver adds DOOM: The Dark Ages support and improves DLSS in Microsoft Flight Simulator 2024

How to install and use Ollama to run AI LLMs on your Windows 11 PC

Community News: Latest PECL Releases (05.13.2025)

Community News: Latest PECL Releases (05.13.2025)

How We Use Epic Branches. Without Breaking Our Flow.

I think the ergonomics of generators is growing on me.

This $4 Steam Deck game includes the most-played classics from my childhood — and it will save you paper

This $4 Steam Deck game includes the most-played classics from my childhood — and it will save you paper

Microsoft shares rare look at radical Windows 11 Start menu designs it explored before settling on the least interesting one of the bunch

NVIDIA’s new GPU driver adds DOOM: The Dark Ages support and improves DLSS in Microsoft Flight Simulator 2024

CVE-2025-35471 – Conda Forge OpenSSL-Feedstock Local Privilege Escalation

U.S. Charges Yemeni Hacker Behind Black Kingdom Ransomware Targeting 1,500 Systems

Iranian Hackers Maintain 2-Year Access to Middle East CNI via VPN Flaws and Malware

How to implement seleniums LoadableComponent with a fluent API?

Revolutionizing Computing: How Windows 365 Link Brings the Cloud PC Dream to Life?

Leveraging WebSockets for Real-Time Data in React Applications

Why the TikTok ban could collapse the creator economy

Volaris for Desktop – wrapper for Volaris

Russian Star Blizzard is Now After Your WhatsApp Data

CVE-2025-4150 – Netgear EX6200 Remote Buffer Overflow

ZealousWeb LLC

CVE-2025-35471 – Conda Forge OpenSSL-Feedstock Local Privilege Escalation

Related Posts