JavaScript is a high-level, interpreted programming language essential for creating interactive web applications, running directly in web browsers to enable dynamic content and user interface enhancements. It is integral to the web development stack, working seamlessly with HTML and CSS to build responsive and feature-rich websites.

JavaScript

fetch-mcp v1.0.2 and before is vulnerable to Server-Side Request Forgery (SSRF) vulnerability, which allows attackers to bypass private IP validation and access internal network resources.

CVE ID	Severità	Punteggio	Tecnologie	Nome del componente	Exploit CISA KEV	Ha la correzione	Data di pubblicazione
CVE-2025-67731	HIGH	8.7	JavaScript	servify-express	No	Sì	Dec 12, 2025
CVE-2025-67718	HIGH	8.7	JavaScript	formio	No	Sì	Dec 11, 2025
CVE-2025-65513	HIGH	7.5	JavaScript	mcp-fetch-server	No	No	Dec 09, 2025
CVE-2025-67716	MEDIUM	5.7	JavaScript	@auth0/nextjs-auth0	No	Sì	Dec 11, 2025
CVE-2025-67490	MEDIUM	5.4	JavaScript	@auth0/nextjs-auth0	No	Sì	Dec 10, 2025

CVE-2025-65513:
JavaScript Analisi e mitigazione delle vulnerabilità

7.5

Imparentato JavaScript Vulnerabilità:

Benchmark della tua posizione di sicurezza del cloud

Ulteriori risorse Wiz

PEACH

Pronti a vedere Wiz in azione?

CVE-2025-65513: JavaScript Analisi e mitigazione delle vulnerabilità