Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-5834


HashiCorp Vagrant's Windows installer targeted a custom location with a non-protected path that could be junctioned, introducing potential for unauthorized file system writes. Fixed in Vagrant 2.4.0.


Published

2023-10-27T22:15:09.163

Last Modified

2024-11-21T08:42:35.567

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 3.8 (LOW)

Weaknesses
  • Type: Secondary
    CWE-1386
  • Type: Primary
    CWE-59

Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application hashicorp vagrant < 2.4.0 Yes

References