ГлавнаяУязвимости → CVE-2024-37391
7.8высокая

CVE-2024-37391

Описание

ProtonVPN before 3.2.10 on Windows mishandles the drive installer path, which should use this: '"' + ExpandConstant('{autopf}\Proton\Drive') + '"' in Setup/setup.iss.

Затрагиваемое ПО
Proton ProtonvpnMicrosoft Windows
CVSS
Балл7.8 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://github.com/ProtonVPN/win-app/commit/2e4e25036842aaf48838c6a59f14671b86c20aa7https://github.com/ProtonVPN/win-app/compare/3.2.9...3.2.10https://github.com/ProtonVPN/win-app/commit/2e4e25036842aaf48838c6a59f14671b86c20aa7https://github.com/ProtonVPN/win-app/compare/3.2.9...3.2.10