Anthropic Claude SDK for Python Insecure File Permissions Vulnerability in Memory Tool
Vulnerability
A vulnerability exists in the Claude SDK for Python, specifically in versions 0.86.0 prior to 0.87.0. The issue arises in the local filesystem memory tool, which created memory files with permissions set to 0o666. This configuration made the files world-readable on systems with a standard umask and world-writable in environments with a permissive umask, such as many Docker base images. As a result, a local attacker on a shared host could access persisted agent state, and in containerized deployments, could alter memory files to affect subsequent model behavior. Both the synchronous and asynchronous implementations of the memory tool were impacted.
Impact
Exploitation of this vulnerability could lead to unauthorized access to sensitive data, specifically persisted agent state, and in containerized environments, could allow manipulation of memory files to influence model behavior.
Remediation
Users are advised to update the Anthropic Claude SDK for Python to version 0.87.0 or later, where this vulnerability has been patched.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.