Vulnerabilities > Hashicorp > Vagrant
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-27 | CVE-2023-5834 | Link Following vulnerability in Hashicorp Vagrant HashiCorp Vagrant's Windows installer targeted a custom location with a non-protected path that could be junctioned, introducing potential for unauthorized file system writes. | 7.8 |
| 2022-10-11 | CVE-2022-42717 | Unspecified vulnerability in Hashicorp Vagrant An issue was discovered in Hashicorp Packer before 2.3.1. | 7.8 |
| 2017-11-16 | CVE-2017-16777 | Uncontrolled Search Path Element vulnerability in Hashicorp Vagrant 5.0.3 If HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) 5.0.3 is installed but VMware Fusion is not, a local attacker can create a fake application directory and exploit the suid sudo helper in order to escalate to root. | 7.2 |
| 2017-11-06 | CVE-2017-16001 | Race Condition vulnerability in Hashicorp Vagrant 5.0.1 In HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) 5.0.1, a local attacker or malware can silently subvert the plugin update process in order to escalate to root privileges. | 7.2 |