HomeDefault status
unaffected
0.1.0 (semver)
affected
Description
Server-Side Request Forgery via SW-URL Header vulnerability in Apache SkyWalking MCP. This issue affects Apache SkyWalking MCP: 0.1.0. Users are recommended to upgrade to version 0.2.0, which fixes this issue.
Problem types
CWE-918 Server-Side Request Forgery (SSRF)
Product status
0.1.0 (semver)
Credits
Andrea Cosentino <ancosen@gmail.com>
References
www.openwall.com/lists/oss-security/2026/04/13/4
lists.apache.org/thread/v0k1xyzzbtnpyrwxwyn36pbspr8rhjnr