VYPR
Medium severity4.3NVD Advisory· Published Nov 29, 2022· Updated Jun 17, 2026

CVE-2022-45307

CVE-2022-45307

Description

Insecure permissions in Chocolatey PHP package v8.1.12 and below grants all users in the Authenticated Users group write privileges for the subfolder C:\tools\php81 and all files located in that folder.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.