Cookie leakage between different users in fastapi-proxy-lib

Impact In the implementation of version 0.0.1, requests from different user clients are processed using a shared httpx.AsyncClient. However, one oversight is that the httpx.AsyncClient will persistently store cookies based on the set-cookie response header sent by the target server and share thes...

PT-2023-32993 · Unknown · Fastapi-Proxy-Lib

Name of the Vulnerable Software and Affected Versions: fastapi-proxy-lib version 0.0.1 Description: The issue arises from the shared use of httpx.AsyncClient across different user clients, leading to the persistent storage of cookies based on the set-cookie response header. This results in a cook...