4 matches found
CVE-2025-58373
Roo Code is an AI-powered autonomous coding agent that lives in users' editors. Versions 3.25.23 and below contain a vulnerability where .rooignore protections could be bypassed using symlinks. This allows an attacker with write access to the workspace to trick the extension into reading files th...
CVE-2025-58373 Roo Code: Symlink-bypass of .rooignore can lead to unintended file disclosure
Roo Code is an AI-powered autonomous coding agent that lives in users' editors. Versions 3.25.23 and below contain a vulnerability where .rooignore protections could be bypassed using symlinks. This allows an attacker with write access to the workspace to trick the extension into reading files th...
CVE-2025-58373 Roo Code: Symlink-bypass of .rooignore can lead to unintended file disclosure
Roo Code is an AI-powered autonomous coding agent that lives in users' editors. Versions 3.25.23 and below contain a vulnerability where .rooignore protections could be bypassed using symlinks. This allows an attacker with write access to the workspace to trick the extension into reading files th...
PT-2025-36341
Name of the Vulnerable Software and Affected Versions: Roo Code versions 3.25.23 and below Description: Roo Code, an AI-powered autonomous coding agent, is susceptible to a bypass of its .rooignore protections when using symlinks. This allows an attacker with write access to the workspace to read...