GHSA-54jw-jqr9-6cj9

Source

https://github.com/advisories/GHSA-54jw-jqr9-6cj9

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/01/GHSA-54jw-jqr9-6cj9/GHSA-54jw-jqr9-6cj9.json

Aliases

CVE-2022-25962

Published

2023-01-26T21:30:25Z

Modified

2023-11-08T04:08:52.876154Z

Details

All versions of the package vagrant.js are vulnerable to Command Injection via the boxAdd function due to improper input sanitization.

References

Affected packages

npm / vagrant.js

Package

Name: vagrant.js

Affected ranges

Type: SEMVER
Events: Introduced

0The exact introduced commit is unknown

Last affected

0.0.4