Homepage

dataproduct-mcp@0.1.6 vulnerabilities

A Model Context Protocol (MCP) server for discovering data products, requesting access, and executing queries on the data platform to access business data.

  • latest version

    0.1.10

  • latest non vulnerable version

    0.1.10

  • first published

    4 months ago

  • latest version published

    13 days ago

  • licenses detected

  • View dataproduct-mcp package health on Snyk Advisor  (opens in a new tab)
    • Go back to all versions of this package
    Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the dataproduct-mcp package. This does not include vulnerabilities belonging to this package’s dependencies.

    Fix vulnerabilities automatically

    Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

    Fix for free
    VulnerabilityVulnerable Version
    • M
    Improper Input Validation

    dataproduct-mcp is an A Model Context Protocol (MCP) server for discovering data products, requesting access, and executing queries on the data platform to access business data.

    Affected versions of this package are vulnerable to Improper Input Validation due to the detector being disabled and validation being replaced with a non-working sanitization path.

    How to fix Improper Input Validation?

    Upgrade dataproduct-mcp to version 0.1.7 or higher.

    [,0.1.7)
    Go back to all versions of this package