Dependency security risk - Anthropic's MCP TypeScript SDK has a ReDoS vulnerability #124
Description
Affected: @modelcontextprotocol/sdk < v1.25.2
Patched: v1.25.2 and higher
Impact
A ReDoS vulnerability in the `UriTemplate` class allows attackers to cause denial of service. The `partToRegExp()` function generates a regex pattern with nested quantifiers (`([^/]+(?:,[^/]+)*)`) for exploded template variables (e.g., `{/id*}`, `{?tags*}`), causing catastrophic backtracking on malicious input.
Who is affected: MCP servers that register resource templates with exploded array patterns and accept requests from untrusted clients.
Attack result: An attacker sends a crafted URI via resources/read request, causing 100% CPU utilization, server hang/crash, and denial of service for all clients.
Affected Versions
All versions of @modelcontextprotocol/sdk prior to the patched release.
Patches
v1.25.2 contains commit b392f02ffcf37c088dbd114fedf25026ec3913d3; the fix modifies the regex pattern to prevent backtracking.
Workarounds
Avoid using exploded patterns ({/id*}, {?tags*}) in resource templates
Implement request timeouts and rate limiting
Validate URIs before processing to reject suspicious patterns
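The following is an added illustration of the Impact and Workarounds sections, not code from the SDK or from the upstream patch: it contrasts the ambiguous exploded-variable pattern described above with an unambiguous one, and adds the kind of input bound the third workaround calls for. The comma-joined list syntax for `{/id*}` and the helper names (`compileExplodedPathTemplate`, `isAcceptableUri`, `matchExploded`) are assumptions for the example.

```typescript
// Added example, not the SDK's UriTemplate/partToRegExp code and not the
// upstream fix. Shows why the advisory's pattern backtracks and one shape of
// pattern that does not, plus a pre-check to run before any regex executes.

// Ambiguous form (the shape the advisory describes): `[^/]` also matches `,`,
// so one comma-separated segment can be split between the two quantified parts
// in many ways, and a failing overall match explores all of them. For
// comparison only; do not use.
const AMBIGUOUS_EXPLODED = "([^/]+(?:,[^/]+)*)";

// Unambiguous form: the comma is excluded from the item class, so no character
// can be consumed by more than one sub-pattern and matching stays linear.
const SAFE_EXPLODED = "([^/,]+(?:,[^/,]+)*)";

// Compile a single exploded path variable after a literal prefix, e.g. the
// template "/items/{id*}" with prefix "/items/". The `safe` flag selects which
// of the two patterns above is used.
function compileExplodedPathTemplate(prefix: string, safe = true): RegExp {
  // Escape regex metacharacters in the literal prefix.
  const escaped = prefix.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
  return new RegExp(`^${escaped}${safe ? SAFE_EXPLODED : AMBIGUOUS_EXPLODED}$`);
}

// Workaround-style guard: bound total length and list size before the template
// regex sees the input. Limits are illustrative, not SDK defaults.
function isAcceptableUri(uri: string, maxLen = 2048, maxItems = 64): boolean {
  if (uri.length > maxLen) return false;
  const commaCount = uri.split(",").length - 1;
  return commaCount < maxItems;
}

// Resolve a resources/read URI against the template: returns the exploded
// list on a match, or null when the URI is rejected or does not match.
function matchExploded(uri: string, prefix: string): string[] | null {
  if (!isAcceptableUri(uri)) return null;
  const m = compileExplodedPathTemplate(prefix, true).exec(uri);
  return m ? m[1].split(",") : null;
}
```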