Unrated severityNVD Advisory· Published Dec 21, 2022· Updated Apr 16, 2025
CVE-2022-46330
CVE-2022-46330
Description
Squirrel.Windows is both a toolset and a library that provides installation and update functionality for Windows desktop applications. Installers generated by Squirrel.Windows 2.0.1 and earlier contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privilege of the user invoking the installer.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <=2.0.1
- Squirrel/Installers generated by Squirrel.Windowsv5Range: 2.0.1 and earlier
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.