HashiCorp Vagrant
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in HashiCorp Vagrant.
By the Year
In 2026 there have been 0 vulnerabilities in HashiCorp Vagrant. Vagrant did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 1 | 7.80 |
| 2022 | 1 | 7.80 |
It may take a day or so for new Vagrant vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent HashiCorp Vagrant Security Vulnerabilities
Vagrant 2.4.0: Windows Installer Junction Path Traversal
CVE-2023-5834
7.8 - High
- October 27, 2023
HashiCorp Vagrant's Windows installer targeted a custom location with a non-protected path that could be junctioned, introducing potential for unauthorized file system writes. Fixed in Vagrant 2.4.0.
insecure temporary file
Hashicorp Packer <2.3.1 Unsecure Vagrant Sudoers Enables Escalation
CVE-2022-42717
7.8 - High
- October 11, 2022
An issue was discovered in Hashicorp Packer before 2.3.1. The recommended sudoers configuration for Vagrant on Linux is insecure. If the host has been configured according to this documentation, non-privileged users on the host can leverage a wildcard in the sudoers configuration to execute arbitrary commands as root.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for HashiCorp Vagrant or by HashiCorp? Click the Watch button to subscribe.
