CVE-2025-59829
BaseFortify
Publication date: 2025-10-03
Last updated on: 2025-10-24
Assigner: GitHub, Inc.
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| anthropic | claude_code | all versions before 1.0.120 (1.0.120 itself not affected) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-61 | The product, when opening a file or directory, does not sufficiently account for when the file is a symbolic link that resolves to a target outside of the intended control sphere. This could allow an attacker to cause the product to operate on unauthorized files. |
AI Powered Q&A
Can you explain this vulnerability to me?
Claude Code versions before 1.0.120 did not resolve symbolic links (symlinks) when enforcing permission deny rules. A deny rule was matched against the path as it was written, not against the file it ultimately refers to. So if a user had denied Claude Code access to a file, but a symlink located outside the denied path pointed at that same file, the tool could still reach the file by going through the symlink. This is the pattern described by CWE-61 (symlink following). The issue was fixed in version 1.0.120.
How can this vulnerability impact me?
This vulnerability could allow Claude Code to reach files that a user had explicitly denied it, by following a symlink instead of the denied path. The result is unauthorized access to sensitive files, potentially exposing private or confidential information that the deny rule was meant to protect.
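The check described above, as an added example that is not Claude Code's own code: a path-based deny rule that matches the path exactly as requested (the vulnerable pattern), next to a hardened version that canonicalises the path with `os.path.realpath` before matching. The temporary-directory layout, the file names, the glob-style rule syntax and the `CONSTRUCTED-SECRET-VALUE` contents are all constructed for illustration and are not taken from the advisory or the product.

```python
"""
Added example (not Claude Code's own code).  Demonstrates how a deny rule
that matches the literal requested path is bypassed by a symlink, and how
resolving the path first closes the hole.  Directory layout, file names,
rule syntax and file contents below are constructed for this demo.
"""
import fnmatch
import os
import shutil
import tempfile


def is_denied_naive(requested: str, deny_globs: list[str]) -> bool:
    """Vulnerable check: matches the deny globs against the path as given.
    A symlink that lives outside the denied directory but points into it
    is never recognised, because its own path does not match the rule."""
    path = os.path.abspath(requested)
    return any(fnmatch.fnmatch(path, g) for g in deny_globs)


def is_denied_resolved(requested: str, deny_globs: list[str]) -> bool:
    """Hardened check: canonicalise the path (following symlinks in every
    component) and match the rule against the real target."""
    path = os.path.realpath(requested)
    return any(fnmatch.fnmatch(path, g) for g in deny_globs)


def read_with_policy(requested: str, deny_globs: list[str], check) -> bytes:
    """Read a file only if the supplied deny check lets it through."""
    if check(requested, deny_globs):
        raise PermissionError(f"denied by rule: {requested}")
    with open(requested, "rb") as f:
        return f.read()


def demo() -> dict:
    # realpath the sandbox root up front so the deny globs are canonical
    # (on macOS the temp dir itself sits behind a /var -> /private/var symlink).
    root = os.path.realpath(tempfile.mkdtemp(prefix="symlink-deny-"))
    try:
        secrets = os.path.join(root, "secrets")   # constructed: denied directory
        work = os.path.join(root, "work")         # constructed: allowed directory
        os.makedirs(secrets)
        os.makedirs(work)
        secret_file = os.path.join(secrets, "api_key.txt")
        with open(secret_file, "w") as f:
            f.write("CONSTRUCTED-SECRET-VALUE\n")  # constructed sample content
        # The bypass: an innocuous-looking path in the allowed area that
        # resolves to the denied file.
        link = os.path.join(work, "notes.txt")
        os.symlink(secret_file, link)
        # A user deny rule covering everything under the secrets directory.
        deny = [os.path.join(secrets, "*")]

        result = {
            "naive_direct_denied": is_denied_naive(secret_file, deny),
            "naive_symlink_denied": is_denied_naive(link, deny),
            "resolved_direct_denied": is_denied_resolved(secret_file, deny),
            "resolved_symlink_denied": is_denied_resolved(link, deny),
        }
        # Show the actual consequence: does the policy hand over the contents?
        try:
            leaked = read_with_policy(link, deny, is_denied_naive)
            result["naive_symlink_leaks"] = leaked.startswith(b"CONSTRUCTED-SECRET")
        except PermissionError:
            result["naive_symlink_leaks"] = False
        try:
            read_with_policy(link, deny, is_denied_resolved)
            result["resolved_symlink_leaks"] = True
        except PermissionError:
            result["resolved_symlink_leaks"] = False
        return result
    finally:
        shutil.rmtree(root, ignore_errors=True)


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Running `demo()` shows the naive check denying the direct path but letting the symlink through (and the file contents leaking), while the resolved check denies both. Two caveats a practitioner should keep in mind: the deny rule itself must be built from a canonical path, otherwise a symlinked parent directory (such as the macOS temp dir) defeats even the resolved check; and resolve-then-open is still a small time-of-check/time-of-use window, so a stricter implementation opens the file first and validates the opened descriptor (for example via `os.fstat` against the expected device and inode, or by opening with `O_NOFOLLOW`) rather than trusting the path alone.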
What immediate steps should I take to mitigate this vulnerability?
Update Claude Code to version 1.0.120 or later. Users on the standard Claude Code auto-update channel will have received this fix automatically. Users who update manually should install 1.0.120 or a later release; until then, a deny rule on a path does not reliably cover other paths that link to it.