CVE-2025-54365

7.5 HIGH
Published: July 23, 2025 Modified: October 09, 2025
View on NVD

Description

fastapi-guard is a security library for FastAPI that provides middleware to control IPs, log requests, detect penetration attempts and more. In version 3.0.1, the regular expression patched to mitigate the ReDoS vulnerability by limiting the length of string fails to catch inputs that exceed this limit. This type of patch fails to detect cases in which the string representing the attributes of a <script> tag exceeds 100 characters. As a result, most of the regex patterns present in version 3.0.1 can be bypassed. This is fixed in version 3.0.2.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0
Vector String
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
https://github.com/rennf93/fastapi-guard/commit/0829292c322d33dc14ab00c5451c5c138148035a
Source: security-advisories@github.com
Patch
https://github.com/rennf93/fastapi-guard/commit/d9d50e8130b7b434cdc1b001b8cfd03a06729f7f
Source: security-advisories@github.com
Patch
https://github.com/rennf93/fastapi-guard/security/advisories/GHSA-rrf6-pxg8-684g
Source: security-advisories@github.com
Exploit Vendor Advisory
https://github.com/rennf93/fastapi-guard/security/advisories/GHSA-rrf6-pxg8-684g
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Exploit Vendor Advisory

4 reference(s) from NVD

Quick Stats

CVSS v3 Score
7.5 / 10.0
EPSS (Exploit Probability)
0.1%
33th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-20 CWE-185 CWE-1333

Affected Vendors

fastapi-guard

Related CVEs

CVE-2025-69261 N/A
CVE-2025-69257 6.7
CVE-2025-69210 N/A
CVE-2025-66823 N/A
CVE-2025-50343 N/A