Skip to content

alexpota/cloudscope-mcp

v0.3.2 Security

This release includes 2 security fixes for security teams reviewing exposed deployments.

Published 1mo MCP Data & Storage
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →
This release patches 2 known CVEs

Topics

anomaly-detection azure azure-advisor bigquery budget-monitoring claude
+13 more
claude-code cloud-billing cloud-cost cost-management cost-optimization cursor finops gcp gcp-recommender mcp mcp-server model-context-protocol multi-cloud

Affected surfaces

rce_ssrf breaking_upgrade

Summary

AI summary

Fixes GHSA-xq3m-2v4x-88gg protobufjs RCE vulnerability.

Full changelog

What's Changed

  • Add MCP tool annotations (readOnlyHint, destructiveHint, idempotentHint, openWorldHint) to all 15 tools
  • Fix protobufjs RCE (GHSA-xq3m-2v4x-88gg) and hono XSS (GHSA-458j-xx4x-4375)

Security Fixes

  • GHSA-xq3m-2v4x-88gg — Remote Code Execution vulnerability in protobufjs
  • GHSA-458j-xx4x-4375 — Cross‑Site Scripting (XSS) vulnerability in hono
View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track alexpota/cloudscope-mcp

Get notified when new releases ship.

Sign up free

About alexpota/cloudscope-mcp

Azure cloud cost management — spending analysis, forecasts, anomaly detection, budgets, optimization recommendations, idle resource detection, tag-based cost allocation, and cross-subscription queries through natural language.

All releases →

Related context

Beta — feedback welcome: [email protected]