CVE-2022-25962

All versions of the package vagrant.js are vulnerable to Command Injection via the boxAdd function due to improper input sanitization.
References
Link Resource
https://security.snyk.io/vuln/SNYK-JS-VAGRANTJS-3175614 Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:vagrant.js_project:vagrant.js:*:*:*:*:*:node.js:*:*

Information

Published : 2023-01-26 09:15

Updated : 2023-02-02 06:27


NVD link : CVE-2022-25962

Mitre link : CVE-2022-25962

Products Affected
No products.
CWE