CNNVD-202507-510 Information

Jul 04, 2025 cve

CNNVD ID

CNNVD-202507-510

CVE-2025-53366

CNNVD Published: 2025-07-04

Description (Chinese)

Model Context Protocol Python SDK是Model Context Protocol开源的一个用于模型上下文协议服务器和客户端的开发工具。 Model Context Protocol Python SDK 1.9.4之前版本存在安全漏洞，该漏洞源于处理畸形请求时未处理异常，可能导致服务不可用。

Description (English)

Model Context Protocol Python SDK is a development tool for model context protocol servers and clients from the Model Context Protocol Open Source. There was a security loophole in the previous version of Model ContexProtocol Python SDK 1.9.4, which resulted from the non-treatment of abnormalities when dealing with requests for malformations, which could result in the non-availability of services.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Moderec

Published

2025-07-04

Last Modified

2026-02-24

References

https://github.com/modelcontextprotocol/python-sdk/commit/29c69e6a47d0104d0afcea6ac35e7ab02fde809a https://github.com/modelcontextprotocol/python-sdk/pull/822 https://github.com/modelcontextprotocol/python-sdk/security/advisories/GHSA-3qhf-m339-9g5v https://access.redhat.com/security/cve/cve-2025-53366

Patch

https://github.com/modelcontextprotocol/python-sdk/releases

Share on: