PT-2025-30717 · Ripgrep+1 · Ripgrep+1
Published: 2025-07-25 · Updated: 2025-07-25
CVE-2025-54558
CVSS v3.1: 4.1 (Medium)
Vector: AV:L/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions
OpenAI Codex CLI versions prior to 0.9.0
Description
The OpenAI Codex CLI application automatically approves the execution of ripgrep (rg) even when specific flags (--pre, --hostname-bin, --search-zip, or -z) are used.
Recommendations
Update to OpenAI Codex CLI version 0.9.0 or later.
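An argument check of the kind an auto-approval layer needs before running rg unattended, shown as an added example (not Codex CLI's code or its actual fix). The function and type names are hypothetical, and scanning past `--` and treating any `z` in a short-flag cluster as risky are conservative assumptions made here so the check fails closed.

```rust
// Added illustration, not Codex CLI source. All names are hypothetical.
// Long flags named in the advisory, without the leading "--".
const RISKY_LONG: [&str; 3] = ["pre", "hostname-bin", "search-zip"];
// Short flag named in the advisory.
const RISKY_SHORT: char = 'z';

#[derive(Debug, PartialEq)]
enum Decision {
    AutoApprove,
    AskUser(String), // carries the argument that triggered the prompt
}

fn review_rg_command(argv: &[&str]) -> Decision {
    if argv.first().copied() != Some("rg") {
        return Decision::AskUser("not an rg invocation".to_string());
    }
    // Every argument is scanned, including those after "--": a value-taking
    // flag might consume "--" as its value, so the check fails closed.
    for arg in &argv[1..] {
        let risky = if let Some(long) = arg.strip_prefix("--") {
            // Accept both the "--pre cmd" and "--pre=cmd" spellings.
            let name = long.split('=').next().unwrap_or("");
            RISKY_LONG.iter().any(|f| *f == name)
        } else if arg.len() > 1 && arg.starts_with('-') {
            // Short flags can be clustered ("-iz"). Any 'z' in the cluster
            // asks the user, even if it is really a value ("-ezebra").
            arg.contains(RISKY_SHORT)
        } else {
            false // positional argument: pattern or path
        };
        if risky {
            return Decision::AskUser((*arg).to_string());
        }
    }
    Decision::AutoApprove
}

fn main() {
    // Constructed sample invocations; "./helper" is a placeholder name.
    let samples: [&[&str]; 4] = [
        &["rg", "-n", "TODO", "src"],
        &["rg", "--pre=./helper", "TODO"],
        &["rg", "-iz", "TODO"],
        &["rg", "--hostname-bin", "./helper", "TODO"],
    ];
    for s in samples.iter() {
        println!("{:?} -> {:?}", s, review_rg_command(s));
    }
}
```

False positives such as `-ezebra` only cost an extra confirmation prompt, which is the intended trade-off for a gate in front of automatic execution.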
Fix
Weakness Enumeration
Related Identifiers
Affected Products
Openai Codex Cli
Ripgrep