ReDoS Vulnerability in FastAPI Security Library by Ren nf93
CVE-2025-54365
7.8HIGH
What is CVE-2025-54365?
The fastapi-guard library, which enhances security for FastAPI applications, contains a vulnerability in version 3.0.1 where the implemented regular expression fails to catch inputs exceeding the defined limit. Specifically, this weakness allows for the circumvention of protections against maliciously crafted tag attributes, leading to potential exploitation. Users are advised to upgrade to version 3.0.2, which includes the necessary fixes to address this critical issue.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
fastapi-guard >= 3.0.1, < 3.0.2
References
CVSS V4
Score:
7.8
Severity:
HIGH
Confidentiality:
None
Integrity:
Low
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None
Timeline
Vulnerability published
Vulnerability Reserved