2 matches found
GHSA-VV7Q-7JX5-F767 FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability
Technical Description The OpenAPIProvider in FastMCP exposes internal APIs to MCP clients by parsing OpenAPI specifications. The RequestDirector class is responsible for constructing HTTP requests to the backend service. A critical vulnerability exists in the buildurl method. When an OpenAPI...
GHSA-X3V3-8XG8-8V72 Sentry's Astro SDK vulnerable to ReDoS
Impact A ReDoS Regular expression Denial of Service vulnerability has been identified in Sentry's Astro SDK 7.78.0-7.86.0. Under certain conditions, this vulnerability allows an attacker to cause excessive computation times on the server, leading to denial of service DoS. Applications that are...