CVE-2025-46814 – FastAPI Guard HTTP Header Injection Vulnerability

May 6, 2025

CVE ID : CVE-2025-46814

Published : May 6, 2025, 3:16 p.m. | 19 minutes ago

Description : FastAPI Guard is a security library for FastAPI that provides middleware to control IPs, log requests, and detect penetration attempts. An HTTP header injection vulnerability has been identified in versions prior to 2.0.0. By manipulating the X-Forwarded-For header, an attacker can potentially inject arbitrary IP addresses into the request. This vulnerability can allow attackers to bypass IP-based access controls, mislead logging systems, and impersonate trusted clients. It is especially impactful when the application relies on the X-Forwarded-For header for IP-based authorization or authentication. Users should upgrade to FastAPI Guard version 2.0.0 to receive a fix.

Severity: 3.4 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4360 – iSourcecode Gym Management System SQL Injection Vulnerability

Next Article CVE-2025-2898 – IBM Maximo Application Suite Privilege Escalation Vulnerability

Elastic simplifies log analytics for SREs and developers with launch of Log Essentials

OpenAI launches GPT-5

Melissa brings its data quality solutions to Azure with new SSIS integration

Automating Design Systems: Tips And Resources For Getting Started

This $180 mini projector has no business being this good for the price

GPT-5 is finally here, and you can access it for free today – no subscription needed

Changing this Android setting instantly doubled my phone speed (Samsung and Google models included)

ChatGPT can now talk nerdy to you – plus more personalities and other upgrades beyond GPT-5

Advanced Application Architecture through Laravel’s Service Container Management

Advanced Application Architecture through Laravel’s Service Container Management

Switch Between Personas in Laravel With the MultiPersona Package

AI-Driven Smart Tagging and Metadata in AEM Assets

Bill Gates on AI’s Impact: ‘Be Curious, Read, and Use the Latest Tools’

Bill Gates on AI’s Impact: ‘Be Curious, Read, and Use the Latest Tools’

Halo Infinite’s Fall Update: New Features and Modes to Revive the Game?

Forza Motorsport’s Future in Jeopardy: Fans Demand Clarity from Microsoft

CVE-2025-46814 – FastAPI Guard HTTP Header Injection Vulnerability

Microsoft to Pull Plug on Shared EWS Access in Hybrid Exchange by October

Google Confirms Salesforce Database Breach by ShinyHunters Group

Flutter vs React Native for Mobile Apps: What Laravel Devs Say in 2025

CVE-2025-4413 – Pixabay Images for WordPress File Upload Vulnerability

React 19: Revolutionizing Web Development with New Features

CVE-2025-5104 – CVE-2022-1234: Adobe Flash Code Execution Vulnerability

The Razer Blade 14 got the AI laptop treatment with less weight, more ports and speakers, and two colors

Audacious 4.5 Beta Brings New Plugins, Better PipeWire Support

My favorite MagSafe wallet stand is the ideal iPhone companion, and it just got cheaper

CVE-2025-48755 – Spiral-rs Crate Zero-Sized Type Allocation Arbitrary Write

CVE-2025-46814 – FastAPI Guard HTTP Header Injection Vulnerability

Related Posts