Nessus scan of Vagrant 2.4.9 flagging High / Medium threats #13780
Description
We have Nessus vulnerability scans of our machines and currently it is flagging several issues with Vagrant 2.4.9 on Mac OS X:
Ruby Rack < 2.2.19 / 3.1.x < 3.1.17 / 3.2.x < 3.2.2 Multiple Vulnerabilities
CVSS Rating 7.5 (v3)
Path : /opt/vagrant/embedded/gems/specifications/rack-3.2.0.gemspec
Installed version : 3.2.0
Fixed version : 3.2.2
Ruby REXML 3.3.3 < 3.4.2 DoS vulnerability
CVSS Rating 5.3 (v3)
CVE-2025-58767
Path : /opt/vagrant/embedded/gems/specifications/rexml-3.4.1.gemspec
Installed version : 3.4.1
Fixed version : 3.4.2
Path : /opt/vagrant/embedded/lib/ruby/gems/3.3.0/specifications/rexml-3.3.9.gemspec
Installed version : 3.3.9
Fixed version : 3.4.2
Reported on security@hashicorp.com with no response.