
9 matches found

Hacker One
added 2026/05/26 2:47 a.m., 9 views

curl: TLS conn reuse and session cache ignore fsslctx callback and ssl_config_data flags ( incomplete fix variant of 7541ae569 )

Summary: match_ssl_primary_config in lib/vtls/vtls.c:194 and the session-cache key built by cfsslpeerkeybuild in lib/vtls/vtls_scache.c:240 both compare only struct ssl_primary_config fields when deciding whether to reuse a TLS connection or cached session. Several fields that materially change the TLS...

5.9 AI score
Exploits: 0
Hacker One
added 2026/05/14 12:39 p.m., 13 views

curl: TLS peer-verification bypass via mid-transfer ssl_config mutation

Hi all, We want to report a TLS peer-verification issue on current master. The trigger is narrow and requires a specific application usage pattern, but when it fires, a transfer that requests CURLOPT_SSL_VERIFYPEER=1 can reuse a TLS connection that was established with peer verification disabled...

5.9 AI score
Exploits: 0
vulnersOsv
added 2025/12/15 11:39 a.m., 1 views

net.sc8s:elastic-testkit_2.13 (>=0.102.0 <=0.108.0), org.elasticsearch.plugin:transport-netty4 (>=9.0.0 <=9.1.10) +4 more potentially affected by CVE-2025-37731 via org.elasticsearch:elasticsearch-ssl-config (>=9.0.0-beta1 <=9.1.7)

org.elasticsearch:elasticsearch-ssl-config MAVEN version =9.0.0-beta1, =0.102.0, =9.0.0, =9.0.0, =9.1.4, =9.0.0, =9.0.0, =9.1.10 Source cves: CVE-2025-37731 Source advisory: SNYK:JAVA-ORGELASTICSEARCH-14417579...

7.4 CVSS, 5.8 AI score, 0.00038 EPSS
Exploits: 0
vulnersOsv
added 2025/12/15 11:39 a.m., 1 views

com.aconex.scrutineer:scrutineer (=7.9.3), com.playtika.testcontainers:embedded-elasticsearch (>=2.0.0 <=2.0.11) +15 more potentially affected by CVE-2025-37731 via org.elasticsearch:elasticsearch-ssl-config (>=7.8.1 <=8.19.7)

org.elasticsearch:elasticsearch-ssl-config MAVEN version =7.8.1, =2.0.0, =0.2.7.1, =0.83.0, =7.9.01, =7.8.1, =1.5.0, =7.8.1, =7.8.1, =7.8.1, =8.10.0, =7.8.1, =8.10.0, =8.0.0, =8.19.15 and more Source cves: CVE-2025-37731 Source advisory: SNYK:JAVA-ORGELASTICSEARCH-14417579...

7.4 CVSS, 5.8 AI score, 0.00038 EPSS
Exploits: 0
Snyk
added 2025/12/15 11:39 a.m., 2 views

Improper Certificate Validation

Overview: Affected versions of this package are vulnerable to Improper Certificate Validation via the PKI realm. An attacker can impersonate other users by presenting specially crafted client certificates signed by a trusted Certificate Authority. Note: This is only exploitable if the attacker...

7.6 CVSS, 6.8 AI score, 0.00038 EPSS
Exploits: 0, References: 2
vulnersOsv
added 2025/12/15 11:39 a.m., 1 views

org.elasticsearch.plugin:transport-netty4 (>=9.2.0 <=9.2.1), org.elasticsearch.plugin:x-pack-core (>=9.2.0 <=9.2.1) +3 more potentially affected by CVE-2025-37731 via org.elasticsearch:elasticsearch-ssl-config (>=9.2.0 <=9.2.1)

org.elasticsearch:elasticsearch-ssl-config MAVEN version =9.2.0, =9.2.0, =9.2.0, =9.2.0, =9.2.0, =9.2.0, =9.2.1 Source cves: CVE-2025-37731 Source advisory: SNYK:JAVA-ORGELASTICSEARCH-14417579...

7.4 CVSS, 5.8 AI score, 0.00038 EPSS
Exploits: 0
CVE
added 2025/10/03 11:28 a.m., 18 views

CVE-2025-27237

CVE-2025-27237 affects Zabbix Agent and Agent 2 on Windows. The OpenSSL configuration is loaded from a path writable by low-privileged users, enabling an attacker to plant a malicious openssl.cnf that loads an arbitrary DLL at service restart, potentially achieving Local Privilege Escalation. The...

7.3 CVSS, 6.5 AI score, 0.00011 EPSS
Exploits: 2, References: 1
OSV
added 2025/04/23 5:16 p.m., 1 views

CVE-2025-2769

Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Bdrive NetDrive. An attacker must first obtain the ability to execute low-privileged code on the target system i...

7.8 CVSS, 6.2 AI score
Exploits: 0, References: 1
OSV
added 2021/07/02 1:15 p.m., 0 views

CVE-2021-3613

OpenVPN Connect 3.2.0 through 3.3.0 allows local users to load arbitrary dynamic loadable libraries via an OpenSSL configuration file if present, which allows the user to run arbitrary code with the same privilege level as the main OpenVPN process OpenVPNConnect.exe...

7.8 CVSS, 7.3 AI score
Exploits: 0, References: 1