| 标题 | fatbobman mail-mcp-bridge d9e7d9acc2abcf9da8252d76506fc5afbc08d08e Path Traversal |
|---|
| 描述 | The `cleanup_attachments` MCP tool accepts a list of RFC `message_ids` and is intended to remove temporary extraction directories beneath the attachment cache root. However, the implementation only strips angle brackets from each `message_id` before joining it under the base directory. Traversal sequences such as `../mail-mcp-bridge-poc` survive unchanged, so the server resolves a path outside `mail-mcp-attachments` and recursively deletes it with `shutil.rmtree()`. This provides a real arbitrary-directory deletion primitive relative to the temp root used by the service. The related extraction flow in `extract_attachments.py` repeats the same unsafe `message_id`-to-directory join when creating directories. |
|---|
| 来源 | ⚠️ https://github.com/fatbobman/mail-mcp-bridge/issues/2 |
|---|
| 用户 | LittleW (UID 97283) |
|---|
| 提交 | 2026-04-12 13時06分 (2 月前) |
|---|
| 管理 | 2026-04-29 10時47分 (17 days later) |
|---|
| 状态 | 已接受 |
|---|
| VulDB条目 | 360107 [fatbobman mail-mcp-bridge 直到 1.3.3 src/mail_mcp_server.py message_ids 目录遍历] |
|---|
| 积分 | 20 |
|---|