Medium severity4.3NVD Advisory· Published Nov 29, 2022· Updated Jun 17, 2026
CVE-2022-45307
CVE-2022-45307
Description
Insecure permissions in Chocolatey PHP package v8.1.12 and below grants all users in the Authenticated Users group write privileges for the subfolder C:\tools\php81 and all files located in that folder.
Affected products
2- Chocolatey/PHP packagedescription
- Range: <=8.1.12
Patches
Vulnerability mechanics
References
1- github.com/ycdxsb/Vuln/blob/main/php-weak-permission-vuln/php-weak-permission-vuln.mdnvdBroken LinkThird Party Advisory
News mentions
0No linked articles in our index yet.