By the Year
In 2023 there have been 0 vulnerabilities in HashiCorp Packer . Last year Packer had 1 security vulnerability published. Right now, Packer is on track to have less security vulnerabilities in 2023 than it did last year.
It may take a day or so for new Packer vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent HashiCorp Packer Security Vulnerabilities
An issue was discovered in Hashicorp Packer before 2.3.1
7.8 - High
- October 11, 2022
An issue was discovered in Hashicorp Packer before 2.3.1. The recommended sudoers configuration for Vagrant on Linux is insecure. If the host has been configured according to this documentation, non-privileged users on the host can leverage a wildcard in the sudoers configuration to execute arbitrary commands as root.
Improper Privilege Management
An Amazon Web Services (AWS) developer who does not specify the --owners flag when describing images
5.3 - Medium
- August 25, 2018
An Amazon Web Services (AWS) developer who does not specify the --owners flag when describing images via AWS CLI, and therefore not properly validating source software per AWS recommended security best practices, may unintentionally load an undesired and potentially malicious Amazon Machine Image (AMI) from the uncurated public community AMI catalog.
Incorrect Permission Assignment for Critical Resource
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for HashiCorp Packer or by HashiCorp? Click the Watch button to subscribe.