@anthropic-ai/claude-code
Use Claude, Anthropic's AI assistant, right from your terminal. Claude can understand your codebase, edit files, run terminal commands, and handle entire workflows for you.
Security Advisories for @anthropic-ai/claude-code in npm
High
about 1 month ago
Claude Code has Sandbox Escape via Persistent Configuration Injection in settings.json
npm
@anthropic-ai/claude-code
Low
about 1 month ago
Claude Code has Permission Deny Bypass Through Symbolic Links
npm
@anthropic-ai/claude-code
High
about 1 month ago
Claude Code Vulnerable to Command Injection via Piped sed Command Bypasses File Write Restrictions
npm
@anthropic-ai/claude-code
High
about 1 month ago
Claude Code Vulnerable to Command Injection via Directory Change Bypasses Write Protection
npm
@anthropic-ai/claude-code
High
about 1 month ago
Claude Code has a Command Injection in find Command Bypasses User Approval Prompt
npm
@anthropic-ai/claude-code
High
about 1 month ago
Claude Code has a Path Restriction Bypass via ZSH Clobber which Allows Arbitrary File Writes
npm
@anthropic-ai/claude-code
High
about 1 month ago
Claude Code has a Domain Validation Bypass which Allows Automatic Requests to Attacker-Controlled Domains
npm
@anthropic-ai/claude-code
Moderate
about 2 months ago
Claude Code Leaks Data via Malicious Environment Configuration Before Trust Confirmation
npm
@anthropic-ai/claude-code
High
3 months ago
Claude Code Command Validation Bypass Allows Arbitrary Code Execution
npm
@anthropic-ai/claude-code
High
4 months ago
@anthropic-ai/claude-code has Sed Command Validation Bypass that Allows Arbitrary File Writes
npm
@anthropic-ai/claude-code
High
4 months ago
Claude Code vulnerable to command execution prior to startup trust dialog
npm
@anthropic-ai/claude-code
High
5 months ago
Claude Code can execute commands prior to the startup trust dialog
npm
@anthropic-ai/claude-code
High
6 months ago
Claude Code Vulnerable to Arbitrary Code Execution via Plugin Autoloading with Specific Yarn Versions
npm
@anthropic-ai/claude-code
High
6 months ago
Claude Code vulnerable to arbitrary code execution caused by maliciously configured git email
npm
@anthropic-ai/claude-code
High
6 months ago
Claude Code rg vulnerability does not protect against approval prompt bypass
npm
@anthropic-ai/claude-code
High
6 months ago
Claude Code Vulnerable to Arbitrary Code Execution Due to Insufficient Startup Warning
npm
@anthropic-ai/claude-code
High
7 months ago
Claude Code's Permissive Default Allowlist Enables Unauthorized File Read and Network Exfiltration in Claude Code
npm
@anthropic-ai/claude-code
High
7 months ago
Claude Code echo command allowed bypass of user approval prompt for command execution
npm
@anthropic-ai/claude-code
High
7 months ago
Claude Code Research Preview has a Path Restriction Bypass which could allow unauthorized file access
npm
@anthropic-ai/claude-code
High
9 months ago
Claude Code Improper Authorization via websocket connections from arbitrary origins
npm
@anthropic-ai/claude-code