Vuln ID: CVE-2022-45306
Published: 2022-11-29 02:15:09Z
Description: Insecure permissions in Chocolatey Azure-Pipelines-Agent package v2.211.1 and below grants all users in the Authenticated Users group write privileges for the subfolder C:agent and all files located in that folder.
Source: NVD.NIST.GOV