7 matches found
CVE-2025-64755
Claude Code is an agentic coding tool. Prior to version 2.0.31, due to an error in sed command parsing, it was possible to bypass the Claude Code read-only validation and write to arbitrary files on the host system. This issue has been patched in version 2.0.31...
CVE-2025-64755
Claude Code is an agentic coding tool. Prior to version 2.0.31, due to an error in sed command parsing, it was possible to bypass the Claude Code read-only validation and write to arbitrary files on the host system. This issue has been patched in version 2.0.31...
CVE-2025-64755
CVE-2025-64755 affects Claude Code (Anthropic). A parsing error in sed command handling prior to version 2.0.31 allowed bypassing the read-only validation and writing to arbitrary host files (e.g., injection into shell config files). The issue enables potential arbitrary file writes and has been ...
CVE-2025-64755 @anthropic-ai/claude-code has Sed Command Validation Bypass that Allows Arbitrary File Writes
Claude Code is an agentic coding tool. Prior to version 2.0.31, due to an error in sed command parsing, it was possible to bypass the Claude Code read-only validation and write to arbitrary files on the host system. This issue has been patched in version 2.0.31...
PT-2025-47656
Name of the Vulnerable Software and Affected Versions Claude Code versions prior to 2.0.31 Description Claude Code is an agentic coding tool that had a critical remote code execution issue. Prior to version 2.0.31, an error in sed command parsing allowed bypassing the read-only validation, enabli...
Claude Code 操作系统命令注入漏洞
Claude Code is an open source proxy coding tool from Anthropic. An operating system command injection vulnerability exists in versions of Claude Code prior to 2.0.31, which stems from an error in the parsing of the sed command and could lead to arbitrary file writes...
Command Injection
Overview @anthropic-ai/claude-code is an Use Claude, Anthropic's AI assistant, right from your terminal. Claude can understand your codebase, edit files, run terminal commands, and handle entire workflows for you. Affected versions of this package are vulnerable to Command Injection due to improp...