漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Model Context Protocol Servers Vulnerable to Path Validation Bypass via Colliding Path Prefix
Vulnerability Description
Model Context Protocol Servers is a collection of reference implementations for the model context protocol (MCP). Versions of Filesystem prior to 0.6.4 or 2025.7.01 could allow access to unintended files in cases where the prefix matches an allowed directory. Users are advised to upgrade to 0.6.4 or 2025.7.01 resolve.
CVSS Information
N/A
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
Model Context Protocol Servers 路径遍历漏洞
Vulnerability Description
Model Context Protocol Servers是Model Context Protocol开源的一个大模型上下文协议服务器。 Model Context Protocol Servers 0.6.4之前版本和2025.7.01之前版本存在路径遍历漏洞,该漏洞源于前缀匹配可能导致访问意外文件。
CVSS Information
N/A
Vulnerability Type
N/A