CNNVD-202509-1505 Information

CNNVD ID

CNNVD-202509-1505

Related CVE

CVE-2025-59041

• CNNVD Published: 2025-09-10

Description (Chinese)

Claude Code是Anthropic开源的一个代理编码工具。 Claude Code 1.0.105之前版本存在代码注入漏洞，该漏洞源于git配置中的恶意用户邮箱可能导致任意代码执行。

Description (English)

Claude Code is a proxy coding tool for the Anthropic open source. The pre-Claude Code 1.005 code-injection loophole, which originated from the malicious user mailbox in the Git configuration, could lead to arbitrary code execution.

Hazard Level

Medium

Vulnerability Type

代码注入

Affected Vendor

Anthropic

Published

2025-09-10

Last Modified

2026-02-24

References

https://github.com/anthropics/claude-code/security/advisories/GHSA-j4h9-wv2m-wrf7

Patch

https://github.com/anthropics/claude-code