Chocolatey Cmder

DATE	CVE	VULNERABILITY TITLE	RISK
2022-11-29	CVE-2022-45304	Incorrect Permission Assignment for Critical Resource vulnerability in Chocolatey Cmder Insecure permissions in Chocolatey Cmder package v1.3.20 and below grants all users in the Authenticated Users group write privileges for the path C:\tools\Cmder and all files located in that folder. network low complexity chocolatey CWE-732	4.3

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.