FastAPI Guard Regular Expression Denial-of-Service Vulnerability in Version 3.0.1
Vulnerability
A vulnerability in FastAPI Guard version 3.0.1 allows Regular Expression Denial-of-Service (ReDoS) attacks. The issue arises because the patch intended to limit input length and prevent ReDoS does not catch all cases, particularly those involving script tag attributes. This oversight allows attackers to bypass most of the regex patterns the guard relies on, potentially leading to exploitation of the application.
Impact
Exploitation of this vulnerability could allow attackers to bypass regex-based security checks, making the application susceptible to various attacks, including Cross-Site Scripting (XSS) and SQL Injection.
Reproduction
To reproduce this vulnerability, send a POST request to an endpoint protected by FastAPI Guard with a payload that includes a <script> tag attribute exceeding 100 characters. The request will bypass the regex validation, demonstrating the vulnerability.
Remediation
Users can upgrade to FastAPI Guard version 3.0.2, which addresses this vulnerability by enhancing the regex length limitations to prevent bypasses.
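As an added illustration that is not FastAPI Guard's own code (the library's actual patterns and the mechanics of its 3.0.1 and 3.0.2 patches are not shown on this page), the constructed Python sketch below contrasts a detection regex whose attribute region is capped at 100 characters, which silently stops matching once a script tag's attributes run longer, with a fail-closed check that caps total body size and uses a pattern that cannot backtrack catastrophically. The 100-character bound, MAX_BODY_LEN, the function names and the sample payload are all assumptions made for this example.

```python
import re

# Constructed illustration, NOT FastAPI Guard's code: it shows the class of
# bypass the advisory describes (length-capped regex misses long attributes)
# and a fail-closed alternative. Limits below are assumed values.
MAX_BODY_LEN = 4096  # assumed policy: larger bodies are rejected outright

# Attribute region capped at 100 chars to bound backtracking. Any <script>
# tag whose attributes exceed that cap is never matched, so the check fails
# open on exactly the inputs an attacker controls.
BOUNDED_SCRIPT = re.compile(r"<script\b[^>]{0,100}>", re.IGNORECASE)

# Negated character class with a single quantifier: no nested or overlapping
# quantifiers, so matching is linear in the input and needs no in-regex cap.
LINEAR_SCRIPT = re.compile(r"<script\b[^>]*>", re.IGNORECASE)


def is_suspicious_bounded(body: str) -> bool:
    """Detection with the bounded pattern only: misses long attributes."""
    return BOUNDED_SCRIPT.search(body) is not None


def is_suspicious_hardened(body: str) -> bool:
    """Fail closed: oversized input is flagged, otherwise a linear match runs."""
    if len(body) > MAX_BODY_LEN:
        return True
    return LINEAR_SCRIPT.search(body) is not None


def constructed_payload(attr_len: int) -> str:
    """Constructed sample body: a <script> tag with an attr_len-char src."""
    return '<script src="' + "a" * attr_len + '"></script>'


if __name__ == "__main__":
    for n in (50, 120):
        body = constructed_payload(n)
        print(n, is_suspicious_bounded(body), is_suspicious_hardened(body))
```

The bounded pattern flags the 50-character sample but not the 120-character one; the hardened check flags both and also rejects any body over MAX_BODY_LEN without running a regex at all.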
