CVE-2025-53539

| EUVD-2025-20307 HIGH
2025-07-07 [email protected] GHSA-j47q-rc62-w448
Denial Of Service Fastapi Guard
7.5
CVSS 3.1
Share

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

5
Analysis Generated
Mar 16, 2026 - 03:37 vuln.today
EUVD ID Assigned
Mar 16, 2026 - 03:37 euvd
EUVD-2025-20307
Patch Released
Mar 16, 2026 - 03:37 nvd
Patch available
PoC Detected
Dec 31, 2025 - 17:05 vuln.today
Public exploit code
CVE Published
Jul 07, 2025 - 20:15 nvd
HIGH 7.5

DescriptionNVD

FastAPI Guard is a security library for FastAPI that provides middleware to control IPs, log requests, and detect penetration attempts. fastapi-guard's penetration attempts detection uses regex to scan incoming requests. However, some of the regex patterns used in detection are extremely inefficient and can cause polynomial complexity backtracks when handling specially crafted inputs. This vulnerability is fixed in 3.0.1.

AnalysisAI

FastAPI Guard is a security library for FastAPI that provides middleware to control IPs, log requests, and detect penetration attempts. fastapi-guard's penetration attempts detection uses regex to scan incoming requests. However, some of the regex patterns used in detection are extremely inefficient and can cause polynomial complexity backtracks when handling specially crafted inputs. This vulnerability is fixed in 3.0.1.

Technical ContextAI

This vulnerability is classified as Inefficient Regular Expression Complexity (ReDoS) (CWE-1333).

RemediationAI

A vendor patch is available. Apply it as soon as possible and verify the fix.

Share

CVE-2025-53539 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy