关键漏洞信息 漏洞标题 Unhandeled Exception in Streamable HTTP Transport Leading to Denial of Service 严重性 High CVSS v4 base metrics: 8.7 / 10 影响的包和版本 Package: mcp (pip) Affected versions: < 1.10.0 Patched versions: 1.10.0 描述 如果客户端在建立可流式传输的HTTP会话后故意触发异常,这可能会导致服务器端出现未捕获的ClosedResourceError,导致服务器崩溃并需要重启以恢复服务。影响可能因部署条件和基础设施级别的弹性措施而异。 CVSS v4 基本指标 Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Attack Requirements: None - Privileges Required: None - User interaction: None Vulnerable System Impact Metrics: - Confidentiality: None - Integrity: None - Availability: High Subsequent System Impact Metrics: - Confidentiality: None - Integrity: None - Availability: None CVE ID CVE-2025-53365 弱点 No CWEs