CVE-2025-41255

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-41255

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-41255.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-41255

Related

GHSA-vjjc-grpp-m655

Published

2025-06-25T10:15:21Z

Modified

2025-06-27T11:00:54.854548Z

Summary

[none]

Details

Cyberduck and Mountain Duck improperly handle TLS certificate pinning for untrusted certificates (e.g., self-signed), unnecessarily installing it to the Windows Certificate Store of the current user without any restrictions.

This issue affects Cyberduck through 9.1.6 and Mountain Duck through 4.17.5.

References

Affected packages

Git / github.com/iterate-ch/cyberduck

Affected ranges

Type: GIT
Repo: https://github.com/iterate-ch/cyberduck
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

53bf5bba71249806e3fe4dec04be6db3a15355b0

Affected versions

Other

$TAG_NAME

release-3-3

release-3-3-1

release-3-3-beta1

release-3-3-beta2

release-3-3-beta3

release-3-3-beta4

release-3-4

release-3-4-1

release-3-4-2

release-3-5

release-3-5-1

release-3-6

release-3-6-1

release-3-7

release-3-8

release-3-8-1

release-4-0

release-4-0-1

release-4-0-2

release-4-1

release-4-1-1

release-4-1-2

release-4-1-3

release-4-2

release-4-2-1

release-4-3

release-4-4

release-4-4-1

release-4-4-2

release-4-4-3

release-4-4-4

release-4-5

release-4-5-1

release-4-5-2

release-4-6

release-4-6-1

release-4-6-2

release-4-6-3

release-4-6-4

release-4-6-5

release-4-7

release-4-7-1

release-4-7-2

release-4-7-3

release-4-7-4

release-4-7-5

release-4-7-6

release-4-7-7

release-4-8

release-4-8-1

release-4-8-2

release-4-8-3

release-5-0

release-5-0-1

release-5-0-10

release-5-0-11

release-5-0-12

release-5-0-13

release-5-0-14

release-5-0-2

release-5-0-3

release-5-0-4

release-5-0-5

release-5-0-6

release-5-0-7

release-5-0-8

release-5-0-9

release-5-1-0

release-5-1-1

release-5-1-2

release-5-1-3

release-5-2-0

release-5-2-1

release-5-2-2

release-5-2-3

release-5-3-0

release-5-3-1

release-5-3-2

release-5-3-3

release-5-3-4

release-5-3-5

release-5-3-6

release-5-3-7

release-5-3-8

release-5-3-9

release-5-4-0

release-5-4-1

release-5-4-2

release-5-4-3

release-5-4-4

release-6-0-0

release-6-0-1

release-6-0-2

release-6-0-3

release-6-0-4

release-6-1-0

release-6-2-0

release-6-2-1

release-6-2-10

release-6-2-11

release-6-2-2

release-6-2-3

release-6-2-4

release-6-2-5

release-6-2-6

release-6-2-7

release-6-2-8

release-6-2-9

release-6-3-0

release-6-3-1

release-6-3-2

release-6-3-3

release-6-3-4

release-6-3-5

release-6-4-0

release-6-4-1

release-6-4-2

release-6-4-3

release-6-4-4

release-6-4-5

release-6-4-6

release-6-5-0

release-6-6-0

release-6-6-1

release-6-6-2

release-6-7-0

release-6-7-1

release-6-7-2

release-6-8-0

release-6-8-1

release-6-8-2

release-6-8-3

release-6-8-4

release-6-9-0

release-6-9-1

release-6-9-10

release-6-9-11

release-6-9-12

release-6-9-2

release-6-9-3

release-6-9-4

release-6-9-5

release-6-9-6

release-6-9-7

release-6-9-8

release-6-9-9

release-7-0-0

release-7-0-1

release-7-0-2

release-7-0-3

release-7-1-0

release-7-1-1

release-7-1-2

release-7-10-0

release-7-10-1

release-7-10-2

release-7-2-0

release-7-2-1

release-7-2-2

release-7-2-3

release-7-2-4

release-7-2-5

release-7-2-6

release-7-2-7

release-7-3-0

release-7-3-1

release-7-4-0

release-7-4-1

release-7-4-2

release-7-4-3

release-7-5-0

release-7-5-1

release-7-5-2

release-7-6-0

release-7-6-1

release-7-6-2

release-7-6-3

release-7-6-4

release-7-6-5

release-7-7-0

release-7-7-1

release-7-7-2

release-7-8-0

release-7-8-1

release-7-8-2

release-7-8-3

release-7-8-4

release-7-8-5

release-7-9-0

release-7-9-1

release-7-9-2

release-7-9-3

release-8-0-0

release-8-0-1

release-8-0-2

release-8-1-0

release-8-1-1

release-8-1-2

release-8-2-0

release-8-2-1

release-8-2-2

release-8-2-3

release-8-3-0

release-8-3-1

release-8-3-2

release-8-3-3

release-8-4-0

release-8-4-1

release-8-4-2

release-8-4-3

release-8-4-4

release-8-4-5

release-8-5-0

release-8-5-1

release-8-5-2

release-8-5-3

release-8-5-4

release-8-5-5

release-8-5-6

release-8-5-7

release-8-5-8

release-8-5-9

release-8-6-0

release-8-6-1

release-8-6-2

release-8-7-0

release-8-7-1

release-8-7-2

release-8-7-3

release-8-8-0

release-8-8-1

release-8-8-2

release-8-9-0

release-9-0-0

release-9-0-1

release-9-0-2

release-9-0-3

release-9-1-0

release-9-1-1

release-9-1-2

release-9-1-3

release-9-1-4

release-9-1-5

release-9-1-6