216.73.217.176

CVE-2025-64755

· Published 21/11/2025 02:15 · Modified 04/12/2025 18:03

Labels: CVE-2025-64755 2025-11-21CVE-2025-64755CWE-78[email protected]

Essential information

Published
21/11/2025 02:15
Modified
04/12/2025 18:03
Author
Creator
CVSS
8.7 HIGH (v3) 8.7 HIGH (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

Claude Code is an agentic coding tool. Prior to version 2.0.31, due to an error in sed command parsing, it was possible to bypass the Claude Code read-only validation and write to arbitrary files on the host system. This issue has been patched in version 2.0.31.

NVD status

Status
Analyzed — CVE has had analysis completed and all data associations made.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
anthropic / claude code cpe:2.3:a:anthropic:claude_code:*:*:*:*:*:node.js:*:*

References