CNNVD-202511-2382 Information

CNNVD ID

CNNVD-202511-2382

Related CVE

CVE-2025-64755

• CNNVD Published: 2025-11-21

Description (Chinese)

Claude Code是Anthropic开源的一个代理编码工具。 Claude Code 2.0.31之前版本存在操作系统命令注入漏洞，该漏洞源于sed命令解析错误，可能导致任意文件写入。

Description (English)

Claude Code is a proxy coding tool for the Anthropic open source. The previous version of Claude Code 2.0.31 had a bug in the operating system command, which originated from an error in sed-order resolution, which could lead to any document being written.

Hazard Level

High

Vulnerability Type

操作系统命令注入

Affected Vendor

Anthropic

Published

2025-11-21

Last Modified

2026-02-24

References

https://github.com/anthropics/claude-code/security/advisories/GHSA-7mv8-j34q-vp7q https://access.redhat.com/security/cve/cve-2025-64755

Patch

https://code.claude.com/docs/en/overview