PT-2025-19983 · Unknown · Fastapi Guard

Amooryx

Published

2025-05-06

Updated

2025-12-31

CVE-2025-46814

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions FastAPI Guard versions prior to 2.0.0

Description An HTTP header injection issue has been identified in FastAPI Guard. By manipulating the X-Forwarded-For header, an attacker can potentially inject arbitrary IP addresses into the request. This can allow attackers to bypass IP-based access controls, mislead logging systems, and impersonate trusted clients. It is especially impactful when the application relies on the X-Forwarded-For header for IP-based authorization or authentication.

Recommendations For versions prior to 2.0.0, upgrade to FastAPI Guard version 2.0.0 to receive a fix. As a temporary workaround, consider restricting the use of the X-Forwarded-For header until a patch is available.

Exploit

Fix

Special Elements Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-74

Related Identifiers

CVE-2025-46814

GHSA-77Q8-QMJ7-X7PP

Affected Products

Fastapi Guard

PT-2025-19983 · Unknown · Fastapi Guard

CVE-2025-46814

Weakness Enumeration

Related Identifiers

Affected Products

References · 8