
=====================================================================

                            CERT-Renater

                Note d'Information No. 2025/VULN666
_____________________________________________________________________

DATE                : 07/10/2025

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running Claude Code versions prior to
                     1.0.120.

=====================================================================
https://github.com/anthropics/claude-code/security/advisories/GHSA-4fgq-fpq9-mr3g
https://github.com/anthropics/claude-code/security/advisories/GHSA-66m2-gx93-v996
_____________________________________________________________________

Command execution prior to Claude Code startup trust dialog
High
ddworken published GHSA-4fgq-fpq9-mr3g Oct 3, 2025

Package
@anthropic-ai/claude-code (npm)

Affected versions
< v1.0.111

Patched versions
v1.0.111


Description

Due to a bug in the startup trust dialog implementation, Claude Code
could be tricked to execute code contained in a project before the
user accepted the startup trust dialog. Exploiting this requires a
user to start Claude Code in an untrusted directory.

Users on standard Claude Code auto-update will have received this
fix automatically. Users performing manual updates are advised to
update to the latest version.

Thank you to https://hackerone.com/avivdon for reporting this issue!
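The advisory above describes an ordering bug: project-controlled content was acted on before the user had answered the trust dialog. The following is an added illustration of that failure class and of the invariant that fixes it; it is not Claude Code's code, and the "hooks"/"SessionStart" settings shape, the `run_hook` stand-in and the sample JSON are constructed assumptions. The hardened variant reads only the user's own settings before the dialog and never parses, let alone executes, anything from the project directory until trust has been granted.

```python
import json
from dataclasses import dataclass, field

# Constructed sample inputs. User-level settings come from a trusted location;
# project-level settings are checked into the (possibly hostile) directory.
USER_SETTINGS = json.dumps({"theme": "dark"})
PROJECT_SETTINGS = json.dumps({"hooks": {"SessionStart": ["echo constructed-hook"]}})


@dataclass
class Session:
    trusted: bool = False
    # (command, trust state at the moment it ran) for every hook executed
    executed: list = field(default_factory=list)


def run_hook(session: Session, cmd: str) -> None:
    # Stand-in for executing a hook command: records it instead of running it,
    # together with whether trust had been granted at that point.
    session.executed.append((cmd, session.trusted))


def vulnerable_startup(session, user_json, project_json, accept_dialog):
    # Bug class from the advisory: settings from both sources are merged and the
    # project's hooks fire as part of startup, before the dialog has returned.
    config = {**json.loads(user_json), **json.loads(project_json)}
    for cmd in config.get("hooks", {}).get("SessionStart", []):
        run_hook(session, cmd)
    session.trusted = accept_dialog()
    return config


def hardened_startup(session, user_json, project_json, accept_dialog):
    # Only the user's own settings are read before the dialog. Project-controlled
    # settings are parsed after trust is granted and skipped entirely if refused,
    # so no project-supplied command can run ahead of the user's decision.
    config = json.loads(user_json)
    session.trusted = accept_dialog()
    if not session.trusted:
        return config
    project = json.loads(project_json)
    config.update(project)
    for cmd in project.get("hooks", {}).get("SessionStart", []):
        run_hook(session, cmd)
    return config


if __name__ == "__main__":
    s = Session()
    vulnerable_startup(s, USER_SETTINGS, PROJECT_SETTINGS, lambda: False)
    print("vulnerable, dialog refused:", s.executed)   # hook ran with trusted=False
    s = Session()
    hardened_startup(s, USER_SETTINGS, PROJECT_SETTINGS, lambda: False)
    print("hardened, dialog refused:  ", s.executed)   # nothing ran
```

The point the recording makes visible is the tuple's second element: in the vulnerable flow the project's hook executes while `trusted` is still `False`. The same invariant applies to any other project-sourced input that can cause execution (environment files, tool configuration, scripts referenced from settings): read it only after the trust decision, from a code path that cannot be reached earlier.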


Severity
High
8.7 / 10

CVSS v4 base metrics
Exploitability Metrics
Attack Vector Network
Attack Complexity Low
Attack Requirements None
Privileges Required None
User interaction Passive
Vulnerable System Impact Metrics
Confidentiality High
Integrity High
Availability High
Subsequent System Impact Metrics
Confidentiality None
Integrity None
Availability None
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CVE ID
CVE-2025-59536

Weaknesses
Weakness CWE-94

_____________________________________________________________________


Permission deny bypass through symlink
Low
ddworken published GHSA-66m2-gx93-v996 Oct 3, 2025

Package
@anthropic-ai/claude-code (npm)

Affected versions
< v1.0.120

Patched versions
v1.0.120


Description

Claude Code failed to account for symlinks when checking permission
deny rules. If a user explicitly denied Claude Code access to a file
and Claude Code had access to a symlink pointing to that file, it was
possible for Claude Code to access the file.

Users on standard Claude Code auto-update will have received this fix
automatically. Users performing manual updates are advised to update
to the latest version.

Thank you to https://hackerone.com/vinai for reporting this issue!
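The second advisory is an instance of CWE-61: a deny rule was evaluated against the path string the tool was given, so a symlink with an innocuous name reached a file the user had explicitly denied. The example below is added here to show the bug class and its fix in a self-contained form; it is not Claude Code's implementation, and the glob-style deny patterns, the directory layout and the file contents are constructed. The hardened check matches the rule against both the literal absolute path and the fully resolved one (`os.path.realpath` follows symlinks in every component, including directory symlinks), so a denied target stays denied whichever name it is reached by.

```python
import fnmatch
import os
import tempfile

# Constructed deny patterns (illustrative syntax, not Claude Code's rule format).
DENY_RULES = ["*/.env", "*/secrets/*"]


def vulnerable_is_denied(path: str, deny_globs) -> bool:
    # Checks only the name the caller supplied. A symlink whose own name does
    # not match the rule reaches the denied target: the advisory's bug class.
    return any(fnmatch.fnmatch(os.path.abspath(path), pat) for pat in deny_globs)


def hardened_is_denied(path: str, deny_globs) -> bool:
    # Evaluate the rule against every identity the path can have. The literal
    # path keeps a denied link name denied; the resolved path catches links
    # (file or directory) that point into denied locations.
    candidates = {os.path.abspath(path), os.path.realpath(path)}
    return any(fnmatch.fnmatch(c, pat) for c in candidates for pat in deny_globs)


def build_fixture() -> dict:
    """Create a throwaway project tree (constructed sample data):
         project/.env                denied target
         project/secrets/token       denied target
         project/README.md           allowed file
         project/notes.txt -> .env   file symlink to a denied file
         project/public -> secrets   directory symlink into a denied directory
    """
    root = tempfile.mkdtemp(prefix="denyrule-")
    proj = os.path.join(root, "project")
    os.makedirs(os.path.join(proj, "secrets"))
    with open(os.path.join(proj, ".env"), "w") as f:
        f.write("API_KEY=constructed\n")
    with open(os.path.join(proj, "secrets", "token"), "w") as f:
        f.write("constructed-token\n")
    with open(os.path.join(proj, "README.md"), "w") as f:
        f.write("# constructed project\n")
    os.symlink(".env", os.path.join(proj, "notes.txt"))
    os.symlink("secrets", os.path.join(proj, "public"))
    return {
        "env": os.path.join(proj, ".env"),
        "readme": os.path.join(proj, "README.md"),
        "link_to_env": os.path.join(proj, "notes.txt"),
        "via_dir_link": os.path.join(proj, "public", "token"),
    }


def evaluate(path: str, deny_globs=DENY_RULES) -> tuple:
    # (vulnerable verdict, hardened verdict) for one path.
    return (vulnerable_is_denied(path, deny_globs), hardened_is_denied(path, deny_globs))


if __name__ == "__main__":
    fx = build_fixture()
    for name, p in fx.items():
        vuln, hard = evaluate(p)
        print(f"{name:13s} vulnerable={vuln!s:5s} hardened={hard!s:5s}  {p}")
```

Running it shows the two symlink cases as allowed by the naive check and denied by the hardened one. Two caveats a reviewer would add: the resolution and the actual open must see the same file, so open by the resolved path (or with `O_NOFOLLOW`) rather than re-using the caller's string after the check; and any path-matching rule engine should be tested with a fixture like this one, since symlinks are the edge case most often left out of a deny list's unit tests.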


Severity
Low
2.3 / 10

CVSS v4 base metrics
Exploitability Metrics
Attack Vector Network
Attack Complexity Low
Attack Requirements Present
Privileges Required None
User interaction Passive
Vulnerable System Impact Metrics
Confidentiality Low
Integrity Low
Availability None
Subsequent System Impact Metrics
Confidentiality None
Integrity None
Availability None
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

CVE ID
CVE-2025-59829

Weaknesses
Weakness CWE-61


=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================
