Hashicorp Vagrant
4 CVEs affecting Hashicorp Vagrant. Latest disclosed: 2024-10-29. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-16777 | High | 7.8 | 2017-11-16 | If HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) 5.0.3 is installed but VMware Fusion is not, a local attacker can create a fake applicati… |
CVE-2017-16001 | High | 7.8 | 2017-11-06 | In HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) 5.0.1, a local attacker or malware can silently subvert the plugin update process in orde… |
CVE-2024-10228 | Low | 3.8 | 2024-10-29 | The Vagrant VMWare Utility Windows installer targeted a custom location with a non-protected path that could be modified by an unprivileged user, introducing p… |
CVE-2023-5834 | Low | 3.8 | 2023-10-27 | HashiCorp Vagrant's Windows installer targeted a custom location with a non-protected path that could be junctioned, introducing potential for unauthorized fil… |