CNNVD-202506-3121 Information
CNNVD ID
CNNVD-202506-3121
Related CVE
- CNNVD Published: 2025-06-24
Description (Chinese)
Claude Code是Anthropic开源的一个代理编码工具。 Claude Code存在安全漏洞,该漏洞源于未授权的WebSocket连接,可能导致读取任意文件或执行代码。以下版本受到影响:Claude Code for VSCode 0.2.116至1.0.23版本和Claude Code [beta] 0.1.1至0.1.8版本。
Description (English)
Claude Code is a proxy coding tool for the Anthropic open source. Claude Code has a security loophole, which stems from unauthorized WebSocket connections, which may lead to the reading of any document or code of execution. The following versions were affected: Claude Code for VSCode Versions 0.2.116 to 1.0.23 and Claude Code [beta] Versions 0.1.1 to 0.1.8.
Hazard Level
Low
Vulnerability Type
其他
Affected Vendor
Anthropic
Published
2025-06-24
Last Modified
2026-02-24
References
https://github.com/anthropics/claude-code/security/advisories/GHSA-9f65-56v6-gxw7 https://access.redhat.com/security/cve/cve-2025-52882
Patch
https://github.com/anthropics/claude-code
Share on: