Impact
A ReDoS (regular expression denial of service) vulnerability in the `UriTemplate` class allows an unauthenticated attacker to exhaust server CPU. The `partToRegExp()` function generates a regex with nested quantifiers, `([^/]+(?:,[^/]+)*)`, for exploded template variables (e.g., `{/id*}`, `{?tags*}`). Because `[^/]+` already matches commas, a comma-separated value can be split between the outer `[^/]+` and the repeated `(?:,[^/]+)` group in exponentially many ways; when the overall match fails, the engine tries every split, which is catastrophic backtracking.
Who is affected: MCP servers that register resource templates with exploded array patterns and accept requests from untrusted clients.
Attack result: An attacker sends a crafted URI in a `resources/read` request. Matching it drives the process to 100% CPU and, since the regex runs on the single-threaded event loop, stalls every connection served by that process, resulting in a hang or crash and denial of service for all clients.
Affected Versions
All versions of `@modelcontextprotocol/sdk` prior to v1.25.2.
Patches
Fixed in v1.25.2 (commit b392f02). The fix modifies the generated regex pattern so that it no longer backtracks catastrophically. Upgrade to v1.25.2 or later.
Workarounds
- Avoid using exploded patterns (`{/id*}`, `{?tags*}`) in resource templates
- Implement request timeouts and rate limiting so a single slow match cannot monopolize the server
- Validate URIs before processing (for example, cap the total length and the number of comma-separated items) to reject suspicious inputs before they reach the template matcher
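The following is an added example, not code from `@modelcontextprotocol/sdk` or from the advisory. It reproduces the regex shape the Impact section describes for a hypothetical template `/items{/id*}`, places a non-ambiguous variant beside it (an assumption about how to remove the ambiguity, not a description of commit b392f02), and implements the pre-validation workaround as a linear-time item count. The template, the crafted URI and the `maxItems` limit are all constructed for illustration.

```javascript
// Added example (not SDK code). Shows why the advisory's nested-quantifier
// regex backtracks exponentially, a variant without the ambiguity, and a
// cheap pre-check that rejects oversized lists before any regex runs.

// Shape described in the advisory for an exploded variable such as {/id*}.
// `[^/]+` also matches ",", so "a,a,a" can be carved up between the outer
// `[^/]+` and the `(?:,[^/]+)*` repetitions in 2^n ways (n = commas).
const VULNERABLE_EXPLODED = String.raw`([^/]+(?:,[^/]+)*)`;

// Hardened variant (assumption: "," is the list separator, so an item never
// contains one). Excluding "," from the item class leaves exactly one way to
// consume each character, so a failing match is abandoned in linear time.
const HARDENED_EXPLODED = String.raw`([^/,]+(?:,[^/,]+)*)`;

// Hypothetical template "/items{/id*}": literal prefix, then the exploded
// part, anchored so the whole URI must match. The anchor is what lets a
// trailing character force failure and trigger the backtracking.
function buildTemplateRegex(itemPattern) {
  return new RegExp(`^/items/${itemPattern}$`);
}

// "/items/a,a,...,a/" with n commas, ending in "/" (which neither character
// class can consume), so the overall match is guaranteed to fail.
function craftedUri(n) {
  return '/items/' + Array(n + 1).fill('a').join(',') + '/';
}

// Runs one match and reports whether it matched and how long it took.
function timeMatch(regex, input) {
  const start = process.hrtime.bigint();
  const matched = regex.test(input);
  const ms = Number(process.hrtime.bigint() - start) / 1e6;
  return { matched, ms };
}

// Workaround from the advisory: validate before matching. Counting separators
// is O(length) and independent of any regex engine behaviour. `maxItems` is a
// constructed limit; pick one that fits the real resource.
function exceedsItemLimit(uri, maxItems) {
  let items = 1;
  for (const ch of uri) {
    if (ch === ',' && ++items > maxItems) return true;
  }
  return false;
}

// Demonstration: the vulnerable pattern roughly doubles in cost per added
// comma, while the hardened pattern handles a far longer input instantly.
const vulnerable = buildTemplateRegex(VULNERABLE_EXPLODED);
const hardened = buildTemplateRegex(HARDENED_EXPLODED);
for (const n of [10, 12, 14, 16, 18]) {
  const { matched, ms } = timeMatch(vulnerable, craftedUri(n));
  console.log(`vulnerable n=${n} matched=${matched} ${ms.toFixed(1)} ms`);
}
const big = craftedUri(100000);
const { matched, ms } = timeMatch(hardened, big);
console.log(`hardened n=100000 matched=${matched} ${ms.toFixed(1)} ms`);
console.log(`pre-check rejects n=100000 with maxItems=64: ${exceedsItemLimit(big, 64)}`);
```

Extend the `n` values a few steps further to watch the vulnerable timing double with each extra comma; that doubling, not any single absolute number, is the ReDoS signature. The pre-check belongs in front of template matching regardless of which regex is in use, since it bounds the work an attacker can request with a single URI.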
References