# Vulnerability Summary

## Overview

- **Vulnerability ID**: #802828
- **Vulnerability Title**: ErlichLiu claude-agent-sdk-master Commit b185aa7ff0d864581257008077b4010fca1747bf Path Traversal
- **Vulnerability Type**: Path Traversal (CWE-22)
- **Description**: In `app/agent-output/route.ts` of `claude-agent-sdk-master`, the `/api/agent-output` endpoint accepts a user-provided `outputFile` value and, after path normalization, passes it directly to `readFile` without checking that the resolved path lies inside the trusted agent output directory or the application workspace. Normalization on its own only collapses `a/../b` segments; it does not reject leading `..` segments or absolute paths, so an attacker with network access to the exposed Next.js API can read any local file readable by the server process, exposing configuration files, credentials, or source code.

## Impact Scope

- **Affected Component**: `app/agent-output/route.ts` of `claude-agent-sdk-master`
- **Commit Hash**: `b185aa7ff0d864581257008077b4010fca1747bf`
- **Status**: Confirmed affected; no fixed version available

## Remediation

- **Current Status**: As of the reporting time, there is no patched version.

## Additional Information

- **Source**: [GitHub Link](https://github.com/ErlichLiu/claude-agent-sdk-master/issues/5)
- **User**: BruceJin (UID 96538)
- **Submission Time**: November 2, 2024 10:36 AM
- **Review Time**: December 7, 2024 07:05 PM
- **VulDB Entry**: [VulDB Link](https://vuldb.com/?id.256381)
- **Points**: 20
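The following is an added illustration of the weakness class described above and of the containment check that closes it; it is not the project's `route.ts` and does not reproduce its code. The base directory, the function names `vulnerableResolve`, `resolveWithin` and `readAgentOutput`, and the handler's signature are assumptions for the example. `vulnerableResolve` mirrors the "normalize, then read" pattern the report describes; `resolveWithin` anchors the request to a trusted directory and proves containment with `path.relative`, which also avoids the classic string-prefix mistake of accepting `/srv/agent-output-other` as being inside `/srv/agent-output`.

```typescript
import * as path from "node:path";
import { promises as fs } from "node:fs";

// What the report describes: the user-controlled value is normalized and then
// read. path.normalize() only collapses "a/../b"; leading ".." segments and
// absolute paths survive, so "../../etc/passwd" still points outside the app.
export function vulnerableResolve(outputFile: string): string {
  return path.normalize(outputFile);
}

// Hardened variant (illustrative, not the project's code): anchor the request
// to a trusted base directory and prove containment with path.relative().
export function resolveWithin(baseDir: string, requested: string): string | null {
  // NUL bytes can truncate the path in lower layers; never let them through.
  if (requested.includes("\0")) return null;
  // path.resolve(base, "/etc/passwd") discards base, so refuse absolute input.
  if (path.isAbsolute(requested)) return null;

  const base = path.resolve(baseDir);
  const candidate = path.resolve(base, requested);
  const rel = path.relative(base, candidate);

  // rel === ""            -> the directory itself, not a file
  // rel starts with ".."  -> escaped the base (checked segment-wise so that a
  //                          file literally named "..foo" is not rejected)
  // path.isAbsolute(rel)  -> different drive on Windows
  // A plain string-prefix check on `candidate` would wrongly accept a sibling
  // directory such as "/srv/app/agent-output-other".
  if (rel === "" || rel === ".." || rel.startsWith(".." + path.sep) || path.isAbsolute(rel)) {
    return null;
  }
  return candidate;
}

// How a handler would use it (signature assumed; the route's real shape is not
// shown in the report). fs.readFile only ever sees a path under baseDir.
export async function readAgentOutput(baseDir: string, outputFile: string): Promise<string> {
  const safe = resolveWithin(baseDir, outputFile);
  if (safe === null) {
    throw new Error("outputFile must name a file inside the agent output directory");
  }
  return fs.readFile(safe, "utf8");
}
```

The containment check is purely lexical: if an attacker can plant a symlink inside the output directory, the resolved path still passes the check but the read follows the link. Where that is a realistic threat, additionally compare `fs.realpath(candidate)` against `fs.realpath(base)` before reading, or open the file with a flag that refuses to follow symlinks.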