Unrated severityNVD Advisory· Published Nov 29, 2022· Updated Apr 25, 2025
CVE-2022-45304
CVE-2022-45304
Description
Insecure permissions in Chocolatey Cmder package v1.3.20 and below grants all users in the Authenticated Users group write privileges for the path C:\tools\Cmder and all files located in that folder.
Affected products
2- Chocolatey/Cmder packagedescription
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.