10 matches found
SQL Injection
Overview doris-mcp-server is an Enterprise-grade Model Context Protocol MCP server implementation for Apache Doris Affected versions of this package are vulnerable to SQL Injection due to improper neutralization in the query context handling process. An attacker can execute unintended SQL...
Apache Doris MCP Server vulnerable to SQL Injection via improper query context neutralization
Apache Doris MCP Server versions prior to 0.6.1 are affected by an improper neutralization flaw in query context handling that may allow execution of unintended SQL statements and bypass of intended query validation and access restrictions through the MCP query execution interface. Versions 0.6.1...
GHSA-QHFQ-GVVC-5Q6Q Apache Doris MCP Server vulnerable to SQL Injection via improper query context neutralization
Apache Doris MCP Server versions prior to 0.6.1 are affected by an improper neutralization flaw in query context handling that may allow execution of unintended SQL statements and bypass of intended query validation and access restrictions through the MCP query execution interface. Versions 0.6.1...
CVE-2025-66335
Apache Doris MCP Server versions earlier than 0.6.1 are affected by an improper neutralization flaw in query context handling that may allow execution of unintended SQL statements and bypass of intended query validation and access restrictions through the MCP query execution interface. Version...
CVE-2025-66335 Apache Doris MCP Server: MCP SQL inject
Apache Doris MCP Server versions earlier than 0.6.1 are affected by an improper neutralization flaw in query context handling that may allow execution of unintended SQL statements and bypass of intended query validation and access restrictions through the MCP query execution interface. Version...
CVE-2025-66335 Apache Doris MCP Server: MCP SQL inject
Apache Doris MCP Server versions earlier than 0.6.1 are affected by an improper neutralization flaw in query context handling that may allow execution of unintended SQL statements and bypass of intended query validation and access restrictions through the MCP query execution interface. Version...
Apache Doris MCP Server 安全漏洞
Apache Doris MCP Server is a context-based protocol backend service provided by the Apache Foundation. Versions of Apache Doris MCP Server prior to 0.6.1 contained security vulnerabilities. These vulnerabilities stemmed from improper handling of query contexts, which could lead to the execution o...
SUSE CVE-2025-68731
In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix an integer overflow in aie2queryctxstatusarray The unpublished smatch static checker reported a warning. drivers/accel/amdxdna/aie2pci.c:904 aie2queryctxstatusarray warn: potential user controlled sizeof overfl...
EUVD-2025-205066
In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix an integer overflow in aie2queryctxstatusarray The unpublished smatch static checker reported a warning. drivers/accel/amdxdna/aie2pci.c:904 aie2queryctxstatusarray warn: potential user controlled sizeof overfl...
CVE-2025-68731
In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix an integer overflow in aie2queryctxstatusarray The unpublished smatch static checker reported a warning. drivers/accel/amdxdna/aie2pci.c:904 aie2queryctxstatusarray warn: potential user controlled sizeof overfl...