2 matches found
CVE-2025-59041
Claude Code is an agentic coding tool. At startup, Claude Code executed a command templated in with git config user.email. Prior to version 1.0.105, a maliciously configured user email in git could be used to trigger arbitrary code execution before a user accepted the workspace trust dialog. User...
@4via6/relay (>=1.0.0 <=1.1.3), @axonpush/wizard (>=0.0.1 <=0.0.4) +10 more potentially affected by CVE-2025-59041 via @anthropic-ai/claude-code (>=0.2.126 <=0.2.35)
@anthropic-ai/claude-code NPM version =0.2.126, =1.0.0, =0.0.1, =0.0.55, =1.0.0, =0.0.1, =0.0.1, =1.8.0, =1.4.0, =0.0.1, =0.0.1, =0.0.5 Source cves: CVE-2025-59041 Source advisory: OSV:GHSA-J4H9-WV2M-WRF7...