ReDoS Vulnerability in FastAPI Security Library by Ren nf93
CVE-2025-54365

7.8HIGH

Key Information:

Vendor

Rennf93

Vendor
CVE Published:
23 July 2025

What is CVE-2025-54365?

The fastapi-guard library, which enhances security for FastAPI applications, contains a vulnerability in version 3.0.1 where the implemented regular expression fails to catch inputs exceeding the defined limit. Specifically, this weakness allows for the circumvention of protections against maliciously crafted tag attributes, leading to potential exploitation. Users are advised to upgrade to version 3.0.2, which includes the necessary fixes to address this critical issue.

Affected Version(s)

fastapi-guard >= 3.0.1, < 3.0.2

References

CVSS V4

Score:
7.8
Severity:
HIGH
Confidentiality:
None
Integrity:
Low
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2025-54365 : ReDoS Vulnerability in FastAPI Security Library by Ren nf93