CVE-2025-34075 | THREATINT

REJECTED Reserved 2025-04-15 | Published 2025-07-02 | Updated 2025-07-16 | Assigner VulnCheck

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Initially assigned to document an issues that allows guest VM to modify the host’s Vagrantfile via default synced folder, leading to host-side code execution. Rejected as CVE due to documented, intended behavior that does not violate a claimed security boundary. https://developer.hashicorp.com/vagrant/docs/synced-folders

As a rule, REJECTED CVE Records should be ignored and the CVE ID and the associated CVE Record should no longer be used. A REJECTED CVE Record remains on the CVE List so that users know that the CVE ID and CVE Record are invalid.

References

cve.org (CVE-2025-34075)

nvd.nist.gov (CVE-2025-34075)

Download JSON