VYPR

PyPI package

doris-mcp-server

pkg:pypi/doris-mcp-server

Vulnerabilities (2)

  • CVE-2025-66335MedApr 20, 2026
    affected >= 0.1.0, < 0.6.1fixed 0.6.1

    Apache Doris MCP Server versions earlier than 0.6.1 are affected by an improper neutralization flaw in query context handling that may allow execution of unintended SQL statements and bypass of intended query validation and access restrictions through the MCP query execution inte

  • CVE-2025-58337Nov 5, 2025
    affected < 0.6.0fixed 0.6.0

    An attacker with a valid read-only account can bypass Doris MCP Server’s read-only mode due to improper access control, allowing modifications that should have been prevented by read-only restrictions. Impact: Bypasses read-only mode; attackers with read-only access may perfor