54yyyu Code-MCP Path Traversal Vulnerability in MCP File Handler

A path traversal vulnerability has been identified in 54yyyu Code-MCP versions prior to commit 4cfc4643541a110c906d93635b391bf7e357f4a8. The issue arises in the MCP File Handler component, specifically within the 'is_safe_path' function of 'src/code_mcp/server.py'. The vulnerability allows for manipulation of file paths, enabling unauthorized access to files outside the intended workspace. This issue can be exploited remotely, and the vulnerability has been publicly disclosed.

Impact

Exploitation of this vulnerability could lead to unauthorized read and write access to files outside the designated project workspace, bypassing intended file access restrictions. Such actions could disrupt service by modifying or deleting critical files.

Reproduction

To reproduce this vulnerability, use a file-related tool in Code-MCP's MCP File Handler. Supply a path that includes traversal segments, such as '../outside.txt'. The 'is_safe_path' function may incorrectly validate this path as safe, allowing read or write operations on files outside the intended workspace.

Remediation

It is recommended to implement proper path validation by using canonical path checks to ensure paths remain within the project directory. Reject absolute paths and traversal segments from untrusted path inputs. Centralize and consistently apply path validation across all file-related tools, and add regression tests to cover potential traversal exploits.