Mcp Typescript Sdk
Monthly
MCP TypeScript SDK is the official TypeScript SDK for Model Context Protocol servers and clients. [CVSS 7.1 HIGH]
Denial of service in Anthropic MCP TypeScript SDK up to version 1.25.1 stems from catastrophic backtracking in regex processing of RFC 6570 URI templates, allowing remote attackers to trigger excessive CPU consumption and crash Node.js processes without authentication. Public exploit code exists for this vulnerability. The lack of available patches leaves affected systems exposed until upgrades to patched versions are deployed.
A security vulnerability in MCP TypeScript SDK (CVSS 8.1) that allows dns rebinding protection. High severity vulnerability requiring prompt remediation. Vendor patch is available.
MCP TypeScript SDK is the official TypeScript SDK for Model Context Protocol servers and clients. [CVSS 7.1 HIGH]
Denial of service in Anthropic MCP TypeScript SDK up to version 1.25.1 stems from catastrophic backtracking in regex processing of RFC 6570 URI templates, allowing remote attackers to trigger excessive CPU consumption and crash Node.js processes without authentication. Public exploit code exists for this vulnerability. The lack of available patches leaves affected systems exposed until upgrades to patched versions are deployed.
A security vulnerability in MCP TypeScript SDK (CVSS 8.1) that allows dns rebinding protection. High severity vulnerability requiring prompt remediation. Vendor patch is available.