← Zuruck zu CVEs
CVE-2025-64755
CRITICAL9.8
Beschreibung
Claude Code is an agentic coding tool. Prior to version 2.0.31, due to an error in sed command parsing, it was possible to bypass the Claude Code read-only validation and write to arbitrary files on the host system. This issue has been patched in version 2.0.31.
CVE Details
CVSS v3.1 Bewertung9.8
SchweregradCRITICAL
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienNONE
BenutzerinteraktionNONE
Veroffentlicht11/21/2025
Zuletzt geandert12/4/2025
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
anthropic:claude_code
Schwachen (CWE)
CWE-78
Referenzen
https://github.com/anthropics/claude-code/security/advisories/GHSA-7mv8-j34q-vp7q(security-advisories@github.com)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.