auto-favicon@1.0.1

A Model Context Protocol server providing tools for automatic favicon generation from PNG images or URLs

latest version

1.0.1

first published

9 months ago

latest version published

9 months ago

licenses detected

MIT
[0,)

View auto-favicon package health on Snyk (opens in a new tab)

Go back to all versions of this package

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the auto-favicon package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability Vulnerable Version

Vulnerability	Vulnerable Version
M Server-side Request Forgery (SSRF) auto-favicon is an A Model Context Protocol server providing tools for automatic favicon generation from PNG images or URLs Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the `generate_favicon_from_url` function. An attacker can cause the server to make arbitrary requests to internal or external resources by supplying a crafted `image_url` parameter. How to fix Server-side Request Forgery (SSRF)? There is no fixed version for `auto-favicon`.	[0,)

Server-side Request Forgery (SSRF)

auto-favicon is an A Model Context Protocol server providing tools for automatic favicon generation from PNG images or URLs

Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the generate_favicon_from_url function. An attacker can cause the server to make arbitrary requests to internal or external resources by supplying a crafted image_url parameter.

How to fix Server-side Request Forgery (SSRF)?

There is no fixed version for auto-favicon.

[0,)

Go back to all versions of this package