CVEDB API

All versions of the package vagrant.js are vulnerable to Command Injection via the boxAdd function due to improper input sanitization.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 66.6%

CVSS Severity

CVSS v3 Score 7.4

References

Products affected by CVE-2022-25962

Vagrant.js Project » Vagrant.js » Version: N/A

cpe:2.3:a:vagrant.js_project:vagrant.js:-
Vagrant.js Project » Vagrant.js » Version: 0.0.1

cpe:2.3:a:vagrant.js_project:vagrant.js:0.0.1
Vagrant.js Project » Vagrant.js » Version: 0.0.2

cpe:2.3:a:vagrant.js_project:vagrant.js:0.0.2
Vagrant.js Project » Vagrant.js » Version: 0.0.3

cpe:2.3:a:vagrant.js_project:vagrant.js:0.0.3
Vagrant.js Project » Vagrant.js » Version: 0.0.4

cpe:2.3:a:vagrant.js_project:vagrant.js:0.0.4