Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Vagrant’s Windows Installer Allowed Directory Junction Write
Vulnerability Description
HashiCorp Vagrant's Windows installer targeted a custom location with a non-protected path that could be junctioned, introducing potential for unauthorized file system writes. Fixed in Vagrant 2.4.0.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
Vulnerability Type
CWE-1386
Vulnerability Title
Vagrant 安全漏洞
Vulnerability Description
Vagrant是用于管理虚拟机生命周期的命令行实用程序。在单个一次性且一致的环境中隔离依赖项及其配置。 HashiCorp Vagrant 2.4.0之前版本存在安全漏洞,该漏洞源于存在未经授权的文件系统写入。
CVSS Information
N/A
Vulnerability Type
N/A