CVE-2022-45304

Insecure permissions in Chocolatey Cmder package v1.3.20 and below grants all users in the Authenticated Users group write privileges for the path C:\tools\Cmder and all files located in that folder. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt