{"url":"http://public2.vulnerablecode.io/api/packages/1055761?format=json","purl":"pkg:pypi/ogham-mcp@0.6.4","type":"pypi","namespace":"","name":"ogham-mcp","version":"0.6.4","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"0.11.1","latest_non_vulnerable_version":"0.11.1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/360294?format=json","vulnerability_id":"VCID-x5zk-pu4w-zbbp","summary":"ogham-mcp had credentials embedded in published PyPI sdists -- Neon postgres URLs and Voyage API key\n## Summary\n\nBetween 2026-02 and 2026-04-24 a total of 22 public PyPI sdists of `ogham-mcp` contained development credentials embedded in source files. All credentials have since been rotated on the respective providers. No known exploitation. Upgrade to **v0.11.1** to get a clean release.\n\n## What was leaked\n\n| Credential | Location in sdist | Vulnerable range | Count |\n|---|---|---|---|\n| 3x Neon postgres URLs with passwords (US / EU / AP development databases) | top-level `Makefile` (`NEON_US`, `NEON_EU`, `NEON_AP` vars) | `>=0.6.5, <0.11.0` | 21 sdists |\n| 1x Voyage AI API key (`pa-...`) | `tests/test_hooks.py::test_mask_secrets_key_value` -- test fixture that fed a real key into the redaction-function tester | `>=0.6.3, <0.11.1` | 22 sdists |\n\n## Impact\n\n- **Primary risk**: any consumer of the affected sdists could have extracted the credentials and used them. The Neon URLs pointed at development databases; the Voyage key was a rate-limited API key.\n- **Observed exploitation**: none detected. Audit logs on both providers were reviewed post-rotation.\n- **Remediation on our side**:\n  - Neon passwords for all three regions rotated.\n  - Voyage API key rotated.\n  - All affected versions yanked from PyPI (v0.3.0 through v0.10.4 yanked on 2026-04-24; v0.11.0 pending yank after this advisory).\n  - v0.11.0 removed the Neon URLs and introduced `make publish-check` which scans every sdist for credential patterns before upload.\n  - v0.11.1 scrubs the Voyage key from the test fixture and excludes `benchmarks/`, `docs/`, `research/`, `extras/`, and `**/*.env*` from all future sdists via explicit hatchling sdist include/exclude in `pyproject.toml`.\n\n## Action for users\n\n- If users installed any version from `v0.3.0` through `v0.11.0`, upgrade to **v0.11.1** immediately:\n  ```\n  pip install --upgrade \"ogham-mcp>=0.11.1\"\n  ```\n- Users do not need to rotate anything on their end. The leaked credentials were owned by the project maintainer, not by users.\n\n## Credit\n\nDiscovered during an internal pre-release audit on 2026-04-24 while preparing v0.11.1.","references":[{"reference_url":"https://github.com/ogham-mcp/ogham-mcp","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ogham-mcp/ogham-mcp"},{"reference_url":"https://github.com/ogham-mcp/ogham-mcp/security/advisories/GHSA-8pqq-224h-x875","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ogham-mcp/ogham-mcp/security/advisories/GHSA-8pqq-224h-x875"},{"reference_url":"https://github.com/advisories/GHSA-8pqq-224h-x875","reference_id":"GHSA-8pqq-224h-x875","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-8pqq-224h-x875"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/375485?format=json","purl":"pkg:pypi/ogham-mcp@0.11.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ogham-mcp@0.11.1"}],"aliases":["GHSA-8pqq-224h-x875"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x5zk-pu4w-zbbp"}],"fixing_vulnerabilities":[],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/ogham-mcp@0.6.4"}