0.1.2
1 months ago
1 months ago
Known vulnerabilities in the @cardano402/mcp-server package. This does not include vulnerabilities belonging to this package’s dependencies.
Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.
Fix for free| Vulnerability | Vulnerable Version |
|---|---|
@cardano402/mcp-server is a MCP server that exposes paid HTTP endpoints as MCP tools, paying via the x402 Cardano scheme. Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) through improper validation of How to fix Server-side Request Forgery (SSRF)? Upgrade | <0.1.2 |