CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Chocolatey: >> Chocolatey Azure-Pipelines-Agent Security Vulnerabilities

CVE-2022-45306

Insecure permissions in Chocolatey Azure-Pipelines-Agent package v2.211.1 and below grants all users in the Authenticated Users group write privileges for the subfolder C:\agent and all files located in that folder.

CVSS Score

4.3

EPSS Score

0.0

Published

2022-11-29

Page 1

Vulnerabilities

Vulnerable Software

Chocolatey: >> Chocolatey Azure-Pipelines-Agent Security Vulnerabilities

Products

Pricing

Contact Us