Filtered by vendor Conda-forge
Subscriptions
Filtered by product Openssl-feedstock
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-35471 | 2 Conda-forge, Microsoft | 3 Miniforge, Openssl-feedstock, Windows | 2025-09-23 | 7.3 High |
| conda-forge openssl-feedstock before 066e83c (2024-05-20), on Microsoft Windows, configures OpenSSL to use an OPENSSLDIR file path that can be written to by non-privilged local users. By writing a specially crafted openssl.cnf file in OPENSSLDIR, a non-privileged local user can execute arbitrary code with the privileges of the user or process loading openssl-feedstock DLLs. Miniforge before 24.5.0 is also affected. | ||||
Page 1 of 1.