| 제목 | edvardlindelof notes-mcp 0.1.4 Path Traversal |
|---|
| 설명 | `notes-mcp` is configured with a single `root_dir` that is supposed to represent the note vault. All file tools then operate by concatenating caller-controlled relative paths onto that root with `root_dir / path`, but the implementation never resolves the resulting path or checks that it remains under `root_dir`. Any caller who can invoke the MCP tools can therefore use `../` segments to read, create, or delete files outside the intended notes directory. |
|---|
| 원천 | ⚠️ https://github.com/edvardlindelof/notes-mcp/issues/2 |
|---|
| 사용자 | SmallW (UID 97245) |
|---|
| 제출 | 2026. 04. 10. PM 03:00 (2 개월 ago) |
|---|
| 모더레이션 | 2026. 04. 27. PM 05:03 (17 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 359808 [edvardlindelof notes-mcp 까지 0.1.4 notes_mcp.py root_dir/path 디렉토리 순회] |
|---|
| 포인트들 | 20 |
|---|