PT-2025-28250 · Unknown · Fastapi Guard

Cycloctane

Publicado

2025-07-07

Atualizado

2025-12-31

CVE-2025-53539

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: FastAPI Guard versions prior to 3.0.1

Description: The issue concerns the penetration attempts detection mechanism in FastAPI Guard, which utilizes regex patterns to scan incoming requests. However, some of these regex patterns are inefficient and can lead to polynomial complexity backtracks when handling specially crafted inputs.

Recommendations: For versions prior to 3.0.1, update to version 3.0.1 to resolve the issue.

Exploit

Correção

DoS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-1333

Identificadores relacionados

BDU:2025-08270

CVE-2025-53539

GHSA-J47Q-RC62-W448

Produtos afetados

Fastapi Guard

PT-2025-28250 · Unknown · Fastapi Guard

CVE-2025-53539

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 11