VDB
KO
HIGH

GHSA-8r9q-7v3j-jr4g

Anthropic's MCP TypeScript SDK has a ReDoS vulnerability

Details

### Impact

A ReDoS vulnerability in the `UriTemplate` class allows attackers to cause denial of service. The `partToRegExp()` function generates a regex pattern with nested quantifiers (`([^/]+(?:,[^/]+)*)`) for exploded template variables (e.g., `{/id*}`, `{?tags*}`), causing catastrophic backtracking on malicious input.

**Who is affected:** MCP servers that register resource templates with exploded array patterns and accept requests from untrusted clients.

**Attack result:** An attacker sends a crafted URI via `resources/read` request, causing 100% CPU utilization, server hang/crash, and denial of service for all clients.

### Affected Versions

All versions of `@modelcontextprotocol/sdk` prior to the patched release.

### Patches

v1.25.2 contains b392f02ffcf37c088dbd114fedf25026ec3913d3 the fix modifies the regex pattern to prevent backtracking.

### Workarounds

- Avoid using exploded patterns (`{/id*}`, `{?tags*}`) in resource templates - Implement request timeouts and rate limiting - Validate URIs before processing to reject suspicious patterns

Are you affected?

Enter the version of the package you're using.

Affected packages

npm / @modelcontextprotocol/sdk
Introduced in: 1.3.0 Fixed in: 1.25.2
Fix npm install @modelcontextprotocol/sdk@1.25.2

References