VYPR

Azure-Pipelines-Agent

by Microsoft

CVEs (1)

  • CVE-2022-45306MedNov 29, 2022
    risk 0.28cvss 4.3epss 0.00

    Insecure permissions in Chocolatey Azure-Pipelines-Agent package v2.211.1 and below grants all users in the Authenticated Users group write privileges for the subfolder C:\agent and all files located in that folder.