2 matches found
PT-2024-25900 · Mullvad · Mullvad Vpn
Name of the Vulnerable Software and Affected Versions: Mullvad VPN versions through 2024.1 Description: The issue allows DNS traffic to leave the device when Mullvad VPN on Android fails to create a tunnel and does not set a DNS server in the blocking state. This can result in sensitive DNS...
CVE-2024-34446
Mullvad VPN through 2024.1 on Android does not set a DNS server in the blocking state after a hard failure to create a tunnel, and thus DNS traffic can leave the device. Data showing that the affected device was the origin of sensitive DNS requests may be observed and logged by operators of...