MCP TypeScript SDK UriTemplate Exploded Array Pattern ReDoS
Description
Anthropic's MCP TypeScript SDK versions up to and including 1.25.1 contain a regular expression denial of service (ReDoS) vulnerability in the UriTemplate class when processing RFC 6570 exploded array patterns. The dynamically generated regular expression used during URI matching contains nested quantifiers that can trigger catastrophic backtracking on specially crafted inputs, resulting in excessive CPU consumption. An attacker can exploit this by supplying a malicious URI that causes the Node.js process to become unresponsive, leading to a denial of service.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
@modelcontextprotocol/sdknpm | < 1.25.2 | 1.25.2 |
Affected products
1- Range: 0.1.0, 0.15.1, 0.2.0, …
Patches
1b392f02ffcf3fix: prevent ReDoS in UriTemplate regex patterns (v1.x backport) (#1365)
4 files changed · +32 −5
package.json+1 −1 modified@@ -1,6 +1,6 @@ { "name": "@modelcontextprotocol/sdk", - "version": "1.25.1", + "version": "1.25.2", "description": "Model Context Protocol implementation for TypeScript", "license": "MIT", "author": "Anthropic, PBC (https://anthropic.com)",
package-lock.json+2 −2 modified@@ -1,12 +1,12 @@ { "name": "@modelcontextprotocol/sdk", - "version": "1.25.1", + "version": "1.25.2", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "@modelcontextprotocol/sdk", - "version": "1.25.1", + "version": "1.25.2", "license": "MIT", "dependencies": { "@hono/node-server": "^1.19.7",
src/shared/uriTemplate.ts+2 −2 modified@@ -225,7 +225,7 @@ export class UriTemplate { switch (part.operator) { case '': - pattern = part.exploded ? '([^/]+(?:,[^/]+)*)' : '([^/,]+)'; + pattern = part.exploded ? '([^/,]+(?:,[^/,]+)*)' : '([^/,]+)'; break; case '+': case '#': @@ -235,7 +235,7 @@ export class UriTemplate { pattern = '\\.([^/,]+)'; break; case '/': - pattern = '/' + (part.exploded ? '([^/]+(?:,[^/]+)*)' : '([^/,]+)'); + pattern = '/' + (part.exploded ? '([^/,]+(?:,[^/,]+)*)' : '([^/,]+)'); break; default: pattern = '([^/]+)';
test/shared/uriTemplate.test.ts+27 −0 modified@@ -284,5 +284,32 @@ describe('UriTemplate', () => { vars[longName] = 'value'; expect(() => template.expand(vars)).not.toThrow(); }); + + it('should not be vulnerable to ReDoS with exploded path patterns', () => { + // Test for ReDoS vulnerability (CVE-2026-0621) + // See: https://github.com/modelcontextprotocol/typescript-sdk/issues/965 + const template = new UriTemplate('{/id*}'); + const maliciousPayload = '/' + ','.repeat(50); + + const startTime = Date.now(); + template.match(maliciousPayload); + const elapsed = Date.now() - startTime; + + // Should complete in under 100ms, not hang for seconds + expect(elapsed).toBeLessThan(100); + }); + + it('should not be vulnerable to ReDoS with exploded simple patterns', () => { + // Test for ReDoS vulnerability with simple exploded operator + const template = new UriTemplate('{id*}'); + const maliciousPayload = ','.repeat(50); + + const startTime = Date.now(); + template.match(maliciousPayload); + const elapsed = Date.now() - startTime; + + // Should complete in under 100ms, not hang for seconds + expect(elapsed).toBeLessThan(100); + }); }); });
Vulnerability mechanics
Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
7- github.com/advisories/GHSA-8r9q-7v3j-jr4gghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2026-0621ghsaADVISORY
- www.vulncheck.com/advisories/mcp-typescript-sdk-uritemplate-exploded-array-pattern-redosghsathird-party-advisoryWEB
- github.com/modelcontextprotocol/typescript-sdk/commit/b392f02ffcf37c088dbd114fedf25026ec3913d3ghsaWEB
- github.com/modelcontextprotocol/typescript-sdk/issues/965ghsaissue-trackingWEB
- github.com/modelcontextprotocol/typescript-sdk/releases/tag/v1.25.2ghsaWEB
- github.com/modelcontextprotocol/typescript-sdk/security/advisories/GHSA-cqwc-fm46-7fffghsaWEB
News mentions
0No linked articles in our index yet.