Skip to content

ivnvxd/mcp-server-odoo

v0.3.1 Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 3mo MCP Developer Tools
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →
This release patches 1 known CVE

Topics

ai erp llm mcp mcp-server mcp-servers
+3 more
model-context-protocol odoo odoo-mcp

Affected surfaces

auth

Summary

AI summary

Fixed authentication bypass where OdooConnection.is_authenticated was always truthy.

Full changelog

Release v0.3.1

Fixed

  • Authentication bypass: Added missing @property decorator on OdooConnection.is_authenticated — without it, the method reference was always truthy, silently bypassing authentication checks in all tool and resource handlers

Changed

  • Update CI dependencies (black 26.1.0, GitHub Actions checkout v6, upload-artifact v6, setup-python v6, setup-uv v7)
  • Server version test validates semver format instead of hardcoded value

Security Fixes

  • Fixed authentication bypass: added missing `@property` decorator to `OdooConnection.is_authenticated` preventing always‑true method reference
View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track ivnvxd/mcp-server-odoo

Get notified when new releases ship.

Sign up free

About ivnvxd/mcp-server-odoo

Connect AI assistants to Odoo ERP systems for business data access, record management, and workflow automation.

All releases →

Related context

Beta — feedback welcome: [email protected]