Описание
HashiCorp Vagrant Insecure Operation on Windows Junction / Mount Point vulnerability
HashiCorp Vagrant's Windows installer targeted a custom location with a non-protected path that could be junctioned, introducing potential for unauthorized file system writes. Fixed in Vagrant 2.4.0.
Пакеты
Наименование
github.com/hashicorp/vagrant
go
Затронутые версииВерсия исправления
< 2.4.0
2.4.0
Связанные уязвимости
CVSS3: 3.8
nvd
больше 2 лет назад
HashiCorp Vagrant's Windows installer targeted a custom location with a non-protected path that could be junctioned, introducing potential for unauthorized file system writes. Fixed in Vagrant 2.4.0.