CNNVD-202508-1359 Information

CNNVD ID

CNNVD-202508-1359

CVE-2025-55345

  • CNNVD Published: 2025-08-13

Description

OpenAI Codex CLI is an open-source, lightweight coding agent from OpenAI that runs in the terminal. OpenAI Codex CLI contains a security vulnerability: using Codex CLI in a malicious context may lead to arbitrary file overwrite and potential remote code execution.

Hazard Level

Medium

Vulnerability Type

Other

Affected Vendor

OpenBMC

Published

2025-08-13

Last Modified

2026-02-24

References

https://github.com/openai/codex/pull/1705
https://research.jfrog.com/vulnerabilities/codex-cli-symlink-arbitrary-file-overwrite-jfsa-2025-001378631/

Patch

https://github.com/openai/codex/releases
