CNNVD-202509-3222 Information
CNNVD ID
CNNVD-202509-3222
Related CVE
- CNNVD Published: 2025-09-22
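Description (translated from Chinese)
OpenAI Codex CLI is a lightweight coding agent, open-sourced by OpenAI, that runs in the terminal. OpenAI Codex CLI versions 0.2.0 through 0.38.0 contain an input validation error vulnerability, which stems from a logic error in the sandbox configuration and may lead to arbitrary file writes and command execution.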
Description (English)
OpenAI Codex CLI is OpenAI's open-source lightweight coding agent that runs in the terminal. OpenAI Codex CLI versions 0.2.0 to 0.38.0 have an input validation vulnerability, which stems from a sandbox configuration logic error that may lead to arbitrary file writes and command execution.
Hazard Level
Medium
Vulnerability Type
Input validation error
Affected Vendor
OpenBMC
Published
2025-09-22
Last Modified
2026-02-24
References
https://github.com/openai/codex/releases/tag/rust-v0.39.0
https://github.com/openai/codex/security/advisories/GHSA-w5fx-fh39-j5rw
https://github.com/openai/codex/commit/8595237505a1e0faabc2af3db805b66ce3ae182d
https://access.redhat.com/security/cve/cve-2025-59532
Patch
https://github.com/openai/codex/releases