Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/11/22 1:17 a.m.6 views

CVE-2025-64755

Claude Code is an agentic coding tool. Prior to version 2.0.31, due to an error in sed command parsing, it was possible to bypass the Claude Code read-only validation and write to arbitrary files on the host system. This issue has been patched in version 2.0.31...

9.8CVSS7.3AI score0.00394EPSS
Exploits0References1
NVD
NVD
added 2025/11/21 2:15 a.m.11 views

CVE-2025-64755

Claude Code is an agentic coding tool. Prior to version 2.0.31, due to an error in sed command parsing, it was possible to bypass the Claude Code read-only validation and write to arbitrary files on the host system. This issue has been patched in version 2.0.31...

9.8CVSS0.00394EPSS
Exploits0References1
CVE
CVE
added 2025/11/21 1:13 a.m.17 views

CVE-2025-64755

CVE-2025-64755 affects Claude Code (Anthropic). A parsing error in sed command handling prior to version 2.0.31 allowed bypassing the read-only validation and writing to arbitrary host files (e.g., injection into shell config files). The issue enables potential arbitrary file writes and has been ...

9.8CVSS6.9AI score0.00394EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/11/21 1:13 a.m.5 views

CVE-2025-64755 @anthropic-ai/claude-code has Sed Command Validation Bypass that Allows Arbitrary File Writes

Claude Code is an agentic coding tool. Prior to version 2.0.31, due to an error in sed command parsing, it was possible to bypass the Claude Code read-only validation and write to arbitrary files on the host system. This issue has been patched in version 2.0.31...

8.7CVSS6.9AI score0.00394EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/11/21 12:0 a.m.10 views

PT-2025-47656

Name of the Vulnerable Software and Affected Versions Claude Code versions prior to 2.0.31 Description Claude Code is an agentic coding tool that had a critical remote code execution issue. Prior to version 2.0.31, an error in sed command parsing allowed bypassing the read-only validation, enabli...

9.8CVSS8.4AI score0.00394EPSS
Exploits0References21
CNNVD
CNNVD
added 2025/11/21 12:0 a.m.4 views

Claude Code 操作系统命令注入漏洞

Claude Code is an open source proxy coding tool from Anthropic. An operating system command injection vulnerability exists in versions of Claude Code prior to 2.0.31, which stems from an error in the parsing of the sed command and could lead to arbitrary file writes...

9.8CVSS7.4AI score0.00394EPSS
Exploits0References2
Snyk
Snyk
added 2025/11/20 9:28 p.m.5 views

Command Injection

Overview @anthropic-ai/claude-code is an Use Claude, Anthropic's AI assistant, right from your terminal. Claude can understand your codebase, edit files, run terminal commands, and handle entire workflows for you. Affected versions of this package are vulnerable to Command Injection due to improp...

8.8CVSS7.5AI score0.00394EPSS
Exploits0References2
Rows per page
Query Builder