4 matches found
GHSA-C4HG-6933-X62X Apache SkyWalking MCP: Server-Side Request Forgery via SW-URL Header in MCP Server
Server-Side Request Forgery via SW-URL Header vulnerability in Apache SkyWalking MCP. This issue affects Apache SkyWalking MCP: 0.1.0. Users are recommended to upgrade to version 0.2.0, which fixes this issue...
CVE-2026-34476 Apache SkyWalking MCP: Server-Side Request Forgery via SW-URL Header in MCP Server
Server-Side Request Forgery via SW-URL Header vulnerability in Apache SkyWalking MCP. This issue affects Apache SkyWalking MCP: 0.1.0. Users are recommended to upgrade to version 0.2.0, which fixes this issue...
Arbitrary Code Injection
Overview Affected versions of this package are vulnerable to Arbitrary Code Injection through the improper handling of gas limits in precompile executions. An attacker can manipulate the state of the blockchain by causing certain functions to execute with insufficient gas, leading to incomplete...
Deserialization of Untrusted Data
Overview chattts is an A generative speech model for daily dialogue Affected versions of this package are vulnerable to Deserialization of Untrusted Data when loading the tokenizer with torch.load. An attacker can exploit this by supplying a malicious tokenizer.pt file, leading to code execution...