VYPR
High severity7.8NVD Advisory· Published Aug 30, 2022· Updated Jun 17, 2026

CVE-2022-37172

CVE-2022-37172

Description

Incorrect access control in the install directory (C:\msys64) of Msys2 v20220603 and below allows authenticated attackers to execute arbitrary code via overwriting binaries located in the directory.

Affected products

2
  • Msys2/Msys2description
  • Msys2/Msys2llm-fuzzy
    Range: <=20220603

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.