CVE-2022-25962

All versions of the package vagrant.js are vulnerable to Command Injection via the boxAdd function due to improper input sanitization.
References
Link Resource
https://security.snyk.io/vuln/SNYK-JS-VAGRANTJS-3175614 Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:vagrant.js_project:vagrant.js:*:*:*:*:*:node.js:*:*

Information

Published : 2023-01-26 13:15

Updated : 2023-02-02 10:27


NVD link : CVE-2022-25962

Mitre link : CVE-2022-25962


JSON object : View

CWE
CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')

Advertisement

dedicated server usa

Products Affected

vagrant.js_project

  • vagrant.js