Cloudflare Warp for Windows from version 2022.2.95.0 contained an unquoted service path which enables arbitrary code execution leading to privilege escalation. The fix was released in version 2022.3.186.0.

Related CVEs

CVE-2022-2147

Key Information

GHSA ID

GHSA-frq6-c9vg-hmxj

Published

June 24, 2022 12:00 AM

Last Modified

July 2, 2022 12:00 AM

CVSS Score

7.5 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: November 26, 2025 6:30 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.