CVE-2025-53110

Model Context Protocol Servers is a collection of reference implementations for the model context protocol (MCP). Versions of Filesystem prior to 0.6.4 or 2025.7.01 could allow access to unintended files in cases where the prefix matches an allowed directory. Users are advised to upgrade to 0.6.4 or 2025.7.01 resolve.

CVSS

No CVSS.

References

Link	Resource
https://github.com/modelcontextprotocol/servers/commit/cc99bdabdcad93a58877c5f3ab20e21d4394423d
https://github.com/modelcontextprotocol/servers/security/advisories/GHSA-hc55-p739-j48w

Configurations

No configuration.

History

03 Jul 2025, 15:13

Type	Values Removed	Values Added
Summary		(es) Model Context Protocol Servers (MCP) son una colección de implementaciones de referencia para el protocolo de contexto de modelo (MCP). Las versiones de Filesystem anteriores a la 0.6.4 o la 2025.7.01 podrían permitir el acceso a archivos no deseados si el prefijo coincide con un directorio permitido. Se recomienda a los usuarios actualizar a la versión 0.6.4 o la 2025.7.01.

02 Jul 2025, 15:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-07-02 15:15

Updated : 2025-07-03 15:13

NVD link : CVE-2025-53110

Mitre link : CVE-2025-53110

CVE.ORG link : CVE-2025-53110

JSON object : View

Products Affected

No product.

CWE

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

{"id": "CVE-2025-53110", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 7.3, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "PASSIVE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "NONE", "subIntegrityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-07-02T15:15:27.843", "references": [{"url": "https://github.com/modelcontextprotocol/servers/commit/cc99bdabdcad93a58877c5f3ab20e21d4394423d", "source": "security-advisories@github.com"}, {"url": "https://github.com/modelcontextprotocol/servers/security/advisories/GHSA-hc55-p739-j48w", "source": "security-advisories@github.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-22"}]}], "descriptions": [{"lang": "en", "value": "Model Context Protocol Servers is a collection of reference implementations for the model context protocol (MCP). Versions of Filesystem prior to 0.6.4 or 2025.7.01 could allow access to unintended files in cases where the prefix matches an allowed directory. Users are advised to upgrade to 0.6.4 or 2025.7.01 resolve."}, {"lang": "es", "value": "Model Context Protocol Servers (MCP) son una colecci\u00f3n de implementaciones de referencia para el protocolo de contexto de modelo (MCP). Las versiones de Filesystem anteriores a la 0.6.4 o la 2025.7.01 podr\u00edan permitir el acceso a archivos no deseados si el prefijo coincide con un directorio permitido. Se recomienda a los usuarios actualizar a la versi\u00f3n 0.6.4 o la 2025.7.01."}], "lastModified": "2025-07-03T15:13:53.147", "sourceIdentifier": "security-advisories@github.com"}