Skip to main content

Ubuntu CVE-2025-34075

| EUVDEUVD-2025-19756 MEDIUM
2025-07-02 disclosure@vulncheck.com GHSA-hqp6-mjw3-f586
5.4
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
5.4 MEDIUM
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Ubuntu
LOW
qualitative
SUSE
MEDIUM
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
A

Lifecycle Timeline

4
Patch released
Mar 31, 2026 - 21:13 nvd
Patch available
EUVD ID Assigned
Mar 16, 2026 - 01:55 euvd
EUVD-2025-19756
Analysis Generated
Mar 16, 2026 - 01:55 vuln.today
CVE Published
Jul 02, 2025 - 20:15 nvd
MEDIUM 5.4

DescriptionCVE.org

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Initially assigned to document an issues that allows guest VM to modify the host’s Vagrantfile via default synced folder, leading to host-side code execution. Rejected as CVE due to documented, intended behavior that does not violate a claimed security boundary.  https://developer.hashicorp.com/vagrant/docs/synced-folders

AnalysisAI

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Rated medium severity (CVSS 5.4), this vulnerability is low attack complexity. No vendor patch available.

Technical ContextAI

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Initially assigned to document an issues that allows guest VM to modify the host’s Vagrantfile via default synced folder, leading to host-side code execution. Rejected as CVE due to documented, intended behavior that does not violate a claimed security boundary. https://developer.hashicorp.com/vagrant/docs/synced-folders

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

Vendor StatusVendor

Ubuntu

Priority: Negligible
vagrant
Release Status Version
noble DNE -
oracular DNE -
plucky DNE -
bionic not-affected -
focal not-affected -
jammy not-affected -
upstream not-affected -
xenial not-affected -

SUSE

Severity: Medium

Share

CVE-2025-34075 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy