VYPR
Unrated severityNVD Advisory· Published Dec 21, 2022· Updated Apr 16, 2025

CVE-2022-46330

CVE-2022-46330

Description

Squirrel.Windows is both a toolset and a library that provides installation and update functionality for Windows desktop applications. Installers generated by Squirrel.Windows 2.0.1 and earlier contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privilege of the user invoking the installer.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Range: <=2.0.1
  • Squirrel/Installers generated by Squirrel.Windowsv5
    Range: 2.0.1 and earlier

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.