2 matches found
CVE-2025-46814
CVE-2025-46814 affects the FastAPI Guard library (pre-2.0.0) and describes an HTTP header injection via the X-Forwarded-For header. The underlying issue allows an attacker to inject arbitrary IP addresses into requests, potentially bypassing IP-based access controls, misleading logs, and imperson...
CVE-2025-53539
CVE-2025-53539 affects fastapi-guard: the DoS risk stems from inefficient regular expressions in the SusPatternsManager (suspatterns_handler.py) used to detect penetration attempts, enabling polynomial backtracking under crafted inputs. The vulnerability is documented as fixed in version 3.0.1; r...