CNNVD-202507-079 Information
CNNVD ID
CNNVD-202507-079
Related CVE
- CNNVD Published: 2025-07-01
Description (Chinese)
RestDB codehooks-mcp-server是RestDB开源的一个MCP服务器。 RestDB codehooks-mcp-server 0.2.2之前版本存在操作系统命令注入漏洞,该漏洞源于命令注入,可能导致远程命令执行。
Description (English)
RestDB codehooks-mcp-server is an MCP server that is an open source for RestDB. Before the version of RestDB codeebooks-mcp-server 0.2.2, there was an operational system command-injecting loophole, which originated from the command-injection and could lead to remote command execution.
Hazard Level
Low
Vulnerability Type
操作系统命令注入
Affected Vendor
RestDB
Published
2025-07-01
Last Modified
2026-02-24
References
https://github.com/RestDB/codehooks-mcp-server/security/advisories/GHSA-fhq6-jf5q-qxvq https://github.com/RestDB/codehooks-mcp-server/commit/62f918a6fde6a8c700521b542b85315c70f05794 https://github.com/RestDB/codehooks-mcp-server/commit/83db1d1b4c856cbe4a1b961d315706198bb0ffb8 https://access.redhat.com/security/cve/cve-2025-53100
Patch
https://github.com/RestDB/codehooks-mcp-server/releases
Share on: