
Commit 5540243

1 parent f3ecc16 commit 5540243

File tree

2 files changed

+4
-4
lines changed


advisories/github-reviewed/2025/08/GHSA-xwc5-q44v-p6gg/GHSA-xwc5-q44v-p6gg.json

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-xwc5-q44v-p6gg",
4-
"modified": "2025-08-22T21:09:36Z",
4+
"modified": "2025-12-20T05:21:35Z",
55
"published": "2025-08-22T18:31:23Z",
66
"aliases": [
77
"CVE-2025-43751"
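Review bot: nothing to flag in this hunk on its own; the `modified` bump from 2025-08-22T21:09:36Z to 2025-12-20T05:21:35Z is the bookkeeping that goes with the vector edit in the next hunk, and the new value correctly postdates `published` (2025-08-22T18:31:23Z). Note that the sibling record in this commit gets a `modified` value about two and a half minutes later (05:24:04Z), which reads like a scripted pass rather than a hand edit; if that is the case, the commit message should say which normalization was run so the next reviewer does not have to infer it from timestamps.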
@@ -11,7 +11,7 @@
1111
"severity": [
1212
{
1313
"type": "CVSS_V4",
14-
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
14+
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N"
1515
}
1616
],
1717
"affected": [
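Review bot: the trimmed vector is semantically identical to the old one, so this is safe: every metric removed (E, CR, IR, AR, the MAV through MSA environmental set, S, AU, R, V, RE, U) carried the value `X`, Not Defined, which is exactly what an omitted metric means, and the base metrics `AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N` are untouched, so the derived base score does not move. Two things worth checking before merge: first, that whatever consumer turns the `score` string into a number accepts the short form (the field named `score` holds the vector, not a numeric value, and a strict parser written against the long form would break here); second, that the same normalization is applied across the whole database rather than to this one record, otherwise the same vector exists in two spellings and naive string comparison between records stops working.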

advisories/github-reviewed/2025/09/GHSA-2jjv-qf24-vfm4/GHSA-2jjv-qf24-vfm4.json

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,13 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-2jjv-qf24-vfm4",
4-
"modified": "2025-11-27T09:05:06Z",
4+
"modified": "2025-12-20T05:24:04Z",
55
"published": "2025-09-24T18:57:44Z",
66
"aliases": [
77
"CVE-2025-59828"
88
],
99
"summary": "Claude Code Vulnerable to Arbitrary Code Execution via Plugin Autoloading with Specific Yarn Versions",
10-
"details": "### Summary\n\nIn Claude Code versions prior to **1.0.39**, when the tool is used with **Yarn 2.x or newer (Berry)**, Yarn plugins are automatically loaded and executed when running `yarn --version`. In Claude Code this sequence could execute plugin code before the user accepts the directory trust prompt for an untrusted workspace, resulting in a potential arbitrary code execution path. \n\n**Yarn Classic (v1)** is not affected. The issue is fixed in **1.0.39**.\n\n### Impact\n\nAn attacker who can influence the project directory to include or reference a malicious Yarn plugin, or who can otherwise cause plugin execution in an untrusted directory, may achieve code execution on the machine where Claude Code is invoked. The vulnerability compromises the confidentiality, integrity and availability of the vulnerable host process.\n\n### Remediation\n\nUpdate Claude Code to **1.0.39** or later. Users on auto-update channels receive the fix automatically; manual installations should upgrade explicitly. As defense in depth, avoid running Yarn in untrusted directories and prefer Yarn Classic when plugin functionality is not required.\n\n### Background\n\nYarn 2+ supports a plugin architecture in which plugins are loaded at runtime and can inject behavior into Yarn commands; this capability underpins the observed auto-execution on `yarn --version`.\n\n---\n\n> Thank you to https://hackerone.com/michel_ for reporting this issue!",
10+
"details": "When using Claude Code with Yarn installed, Yarn config files can trigger code execution when running `yarn --version`. This could lead to a bypass of the directory trust dialog in Claude Code, as plugins and `yarnPath` could be executed prior to the user accepting the risks of working in an untrusted directory. Users on standard Claude Code auto-update will have received this fix automatically. Users performing manual updates are advised to update to the latest version.\n\nThank you to [https://hackerone.com/michel_](https://hackerone.com/michel_) for reporting this issue!",
1111
"severity": [
1212
{
1313
"type": "CVSS_V4",
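Review bot: the rewritten `details` loses the concrete version information the old text carried (affected prior to 1.0.39, fixed in 1.0.39, Yarn 2.x/Berry affected, Yarn Classic v1 not affected) and replaces it with "update to the latest version". Unless that information survives in the `affected[].ranges` block, which lies outside this hunk, a reader of this record can no longer tell which version to upgrade from or to; suggest keeping at least one sentence in the prose, e.g. "The issue is fixed in 1.0.39." The new wording also widens the described trigger from plugins alone to "plugins and `yarnPath`" in Yarn config files and silently drops the statement that Yarn Classic is unaffected; if that claim was withdrawn because the `yarnPath` path applies to Classic as well, the commit should say so explicitly, because the old text asserted the opposite and downstream scanners may have encoded it. Minor: the new text keeps the reporter credit but drops the Remediation guidance (avoid running Yarn in untrusted directories, prefer Classic when plugins are not needed), which was the only actionable defense-in-depth advice in the record; worth carrying over even if the `### Summary`/`### Impact`/`### Remediation` headings are intentionally removed for consistency with other advisories.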
