7 matches found
EUVD-2022-48205
Malicious code in bioql PyPI...
CVE-2022-45306
Insecure permissions in Chocolatey Azure-Pipelines-Agent package v2.211.1 and below grants all users in the Authenticated Users group write privileges for the subfolder C:\agent and all files located in that folder...
CVE-2022-45306
Insecure permissions in Chocolatey Azure-Pipelines-Agent package v2.211.1 and below grants all users in the Authenticated Users group write privileges for the subfolder C:\agent and all files located in that folder...
CVE-2022-45306
Insecure permissions in Chocolatey Azure-Pipelines-Agent package v2.211.1 and below grants all users in the Authenticated Users group write privileges for the subfolder C:\agent and all files located in that folder...
PT-2022-27464 · Microsoft · Chocolatey Azure-Pipelines-Agent
Name of the Vulnerable Software and Affected Versions: Chocolatey Azure-Pipelines-Agent versions 2.211.1 and below Description: The issue is related to insecure permissions in the Chocolatey Azure-Pipelines-Agent package, which grants all users in the Authenticated Users group write privileges fo...
Chocolatey Azure-Pipelines-Agent 安全漏洞
Chocolatey can handle various types of installation packages.Azure Pipelines Agent Also known as Azure Pipelines Agent, it is mainly used to generate code or deploy software in the Devops process. A privilege design vulnerability exists in the Chocolatey Azure Pipelines Agent package v2.211.1 and...
CVE-2022-45306
CVE-2022-45306 affects Chocolatey Azure-Pipelines-Agent package versions 2.211.1 and earlier. The vulnerability is insecure permissions: all users in the Authenticated Users group have write privileges to the subfolder C:\agent and all files within. This is documented across multiple sources (Red...