Every CVE whose affected-product data names Hashicorp Vagrant, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2017-16001 — CVSS 7.8 (high): In HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) 5.0.1, a local attacker or malware can silently subvert the plugin…
CVE-2017-16777 — CVSS 7.8 (high): If HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) 5.0.3 is installed but VMware Fusion is not, a local attacker can…
CVE-2022-42717 — CVSS 7.8 (high): An issue was discovered in Hashicorp Packer before 2.3.1. The recommended sudoers configuration for Vagrant on Linux is insecure. If the…
CVE-2023-5834 — CVSS 3.8 (low): HashiCorp Vagrant's Windows installer targeted a custom location with a non-protected path that could be junctioned, introducing potential…