CVE-2025-35471 – Conda Forge OpenSSL-Feedstock Local Privilege Escalation

May 13, 2025

CVE ID : CVE-2025-35471

Published : May 13, 2025, 2:15 a.m. | 49 minutes ago

Description : conda-forge openssl-feedstock before 066e83c (2024-05-20), on Microsoft Windows, configures OpenSSL to use an OPENSSLDIR file path that can be written to by non-privilged local users. By writing a specially crafted openssl.cnf file in OPENSSLDIR, a non-privileged local user can execute arbitrary code with the privileges of the user or process loading openssl-feedstock DLLs. Miniforge before 24.5.0 is also affected.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleMultimodal AI Needs More Than Modality Support: Researchers Propose General-Level and General-Bench to Evaluate True Synergy in Generalist Models

Next Article CVE-2025-43011 – SAP Landscape Transformation Authorization Bypass Vulnerability

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

Microsoft aims to be “carbon negative” by 2030, with 3 million carbon removal credits in its backyard of Washington

Sam Altman doesn’t want his son to have an AI “bestie” — as Microsoft plans to turn Copilot into an AI friend and companion

ChatGPT downplays AI’s threat to humanity despite an apparent “99.999999% probability” of inevitable doom

Surface Pro 12-inch vs. iPad Air M3: Which should you choose?

A customizable and accessible web component

A customizable and accessible web component

How Agile Helps You Improve Your Agility

Laravel Seeder Generator

Microsoft aims to be “carbon negative” by 2030, with 3 million carbon removal credits in its backyard of Washington

Microsoft aims to be “carbon negative” by 2030, with 3 million carbon removal credits in its backyard of Washington

Sam Altman doesn’t want his son to have an AI “bestie” — as Microsoft plans to turn Copilot into an AI friend and companion

ChatGPT downplays AI’s threat to humanity despite an apparent “99.999999% probability” of inevitable doom

CVE-2025-35471 – Conda Forge OpenSSL-Feedstock Local Privilege Escalation

Nmap 7.96 Launches with Lightning-Fast DNS and 612 Scripts

CVE-2025-47858 – Apache HTTP Server Cross-Site Request Forgery

Lessons and surprises from a Kubernetes migration

This deal gets you Microsoft 365 for less than half price… from a certain point of view

Microsoft is now officially rolling out Windows 11 24H2 on Windows 10 as an optional upgrade

How to clear the cache on your TV (and why you should do it)

Microsoft aims to be “carbon negative” by 2030, with 3 million carbon removal credits in its backyard of Washington

Toddle.dev: The Future of Visual Web Application Development

Operating System: Explained In Detail

I tested a robot mower with no boundary wire – here’s my buying advice after a month

CVE-2025-35471 – Conda Forge OpenSSL-Feedstock Local Privilege Escalation

Related Posts