ReDoS Vulnerability in FastAPI Security Library by Ren nf93
CVE-2025-54365
7.8HIGH
What is CVE-2025-54365?
The fastapi-guard library, which enhances security for FastAPI applications, contains a vulnerability in version 3.0.1 where the implemented regular expression fails to catch inputs exceeding the defined limit. Specifically, this weakness allows for the circumvention of protections against maliciously crafted tag attributes, leading to potential exploitation. Users are advised to upgrade to version 3.0.2, which includes the necessary fixes to address this critical issue.
Affected Version(s)
fastapi-guard >= 3.0.1, < 3.0.2