| tiêu đề | j3k0 mcp-google-workspace 1.0.0 Arbitrary File Write |
|---|
| Mô tả | An arbitrary file write vulnerability has been identified in mcp-google-workspace. Gmail attachment retrieval and bulk-save logic accepts caller-controlled local save paths and passes them to fs.writeFileSync after a helper named validateSavePath. The helper resolves the path but does not enforce a safe base directory or approved downloads directory. An attacker able to invoke the affected MCP tool can write decoded attachment content to arbitrary local paths writable by the server process. |
|---|
| Nguồn | ⚠️ https://github.com/j3k0/mcp-google-workspace/issues/19 |
|---|
| Người dùng | ccccccctfi (UID 97498) |
|---|
| Đệ trình | 11/05/2026 10:27 (cách đây 24 ngày) |
|---|
| Kiểm duyệt | 31/05/2026 18:06 (20 days later) |
|---|
| Trạng thái | được chấp nhận |
|---|
| Mục VulDB | 367570 [j3k0 mcp-google-workspace đến 831790e7d5c2663325733d9f5579cc339a267c4c MCP Gmail Tool src/tools/gmail.ts saveToDisk nâng cao đặc quyền] |
|---|
| điểm | 20 |
|---|