Unrated severityNVD Advisory· Published Nov 29, 2022· Updated Apr 25, 2025

CVE-2022-45305

Description

Insecure permissions in Chocolatey Python3 package v3.11.0 and below grants all users in the Authenticated Users group write privileges for the subfolder C:\Python311 and all files located in that folder.

Affected products

Chocolatey/Python3 packagedescription
Chocolatey/Python3llm-create
Range: <=3.11.0

Patches

Vulnerability mechanics

References

github.com/ycdxsb/Vuln/blob/main/python3-weak-permission-vuln/python3-weak-permission-vuln.mdmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000