CNNVD-202510-397 Information
Oct 03, 2025
cve
CNNVD ID
CNNVD-202510-397
Related CVE
- CNNVD Published: 2025-10-03
Description (Chinese)
Claude Code是Anthropic开源的一个代理编码工具。 Claude Code 1.0.120之前版本存在安全漏洞,该漏洞源于检查权限拒绝规则时未考虑符号链接,可能导致绕过文件访问限制。
Description (English)
Claude Code is a proxy coding tool for the Anthropic open source. There was a security gap in the pre-Claude Code 1.0.120 version, which resulted from the failure to take into account a symbol link when the inspection permission denial rules were applied, which could lead to circumventing document access restrictions.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Anthropic
Published
2025-10-03
Last Modified
2026-02-24
References
https://github.com/anthropics/claude-code/security/advisories/GHSA-66m2-gx93-v996
Patch
https://docs.claude.com/en/docs/claude-code/overview
Share on: