Vagrant.js Project Vagrant.js — known CVE vulnerabilities
Every CVE whose affected-product data names Vagrant.js Project Vagrant.js, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (1)
CVE-2022-25962 — CVSS 7.4 (high): All versions of the package vagrant.js are vulnerable to Command Injection via the boxAdd function due to improper input sanitization.