| शीर्षक | geldata gel-mcp 0.1.0 Path Traversal |
|---|
| विवरण | gel-mcp exposes two rule-related tools: list_rules(), which enumerates the bundled Markdown rule files under RULES_DIR, and fetch_rule(rule_name), which is supposed to return one of those bundled files by name. The implementation of fetch_rule() joins attacker-controlled rule_name directly under RULES_DIR and then calls exists() / read_text() on the resulting path.
Because the code does not reject path separators, traversal tokens, or absolute paths, a caller can request files outside the bundled rule directory. For example, ../../../../../pyproject.toml resolves from src/gel_mcp/static/gel-ai-rules/src/ back to the repository root and returns the project's pyproject.toml instead of a packaged rule file. |
|---|
| स्रोत | ⚠️ https://github.com/geldata/gel-mcp/issues/11 |
|---|
| उपयोगकर्ता | LargeW (UID 97302) |
|---|
| सबमिशन | 13/04/2026 02:18 PM (2 महीनों पहले) |
|---|
| संयम | 29/04/2026 02:53 PM (16 days later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 360139 [geldata gel-mcp 0.1.0 src/gel_mcp/server.py list_rules/fetch_rule rule_name निर्देशिका ट्रैवर्सल] |
|---|
| अंक | 20 |
|---|