CVE-2024-37391

July 22, 2024, 1 p.m.

Product(s) Impacted

ProtonVPN

before 3.2.10

Description

ProtonVPN before 3.2.10 on Windows mishandles the drive installer path, which should use this: '"' + ExpandConstant('{autopf}\Proton\Drive') + '"' in Setup/setup.iss.

Weaknesses

Date

Published: July 22, 2024, 7:15 a.m.

Last Modified: July 22, 2024, 1 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cve@mitre.org

References

https://github.com/ProtonVPN/win-app/commit/2e4e25036842aaf48838c6a59f14671b86c20aa7

cve@mitre.org

https://github.com/ProtonVPN/win-app/compare/3.2.9...3.2.10

cve@mitre.org

CVE-2024-37391

Tags

Product(s) Impacted

Description

Weaknesses

Date

Status : Awaiting Analysis

Source

References

Share