Strix
26.1K

CVE-2025-46814

HIGHCVSS 7.5/10EPSS 0.29%

Last modified

CVE-2025-46814 is a high-severity vulnerability rated 7.5/10 on the CVSS scale. FastAPI Guard is a security library for FastAPI that provides middleware to control IPs, log requests, and detect penetration attempts. An HTTP header injection vulnerability has been identified in versions prior to 2.0.0. EPSS estimates a 0.29% chance of exploitation in the next 30 days.

Description

FastAPI Guard is a security library for FastAPI that provides middleware to control IPs, log requests, and detect penetration attempts. An HTTP header injection vulnerability has been identified in versions prior to 2.0.0. By manipulating the X-Forwarded-For header, an attacker can potentially inject arbitrary IP addresses into the request. This vulnerability can allow attackers to bypass IP-based access controls, mislead logging systems, and impersonate trusted clients. It is especially impactful when the application relies on the X-Forwarded-For header for IP-based authorization or authentication. Users should upgrade to FastAPI Guard version 2.0.0 to receive a fix.

Metrics

CVSS 3.1
7.5/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

EPSS Probability
0.29%

20.7th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
Fastapi-GuardFastapi Guard< 2.0.0

References

Timeline

Published
Last Modified
Status
Analyzed

Frequently Asked Questions

What is CVE-2025-46814?
FastAPI Guard is a security library for FastAPI that provides middleware to control IPs, log requests, and detect penetration attempts. An HTTP header injection vulnerability has been identified in versions prior to 2.0.0. By manipulating the X-Forwarded-For header, an attacker can potentially inject arbitrary IP addresses into the request. This vulnerability can allow attackers to bypass IP-based access controls, mislead logging systems, and impersonate trusted clients. It is especially impactful when the application relies on the X-Forwarded-For header for IP-based authorization or authentication. Users should upgrade to FastAPI Guard version 2.0.0 to receive a fix.
How severe is CVE-2025-46814?
CVE-2025-46814 has a CVSS score of 7.5/10 (HIGH severity). The EPSS model estimates a 0.29% probability of exploitation in the next 30 days.
How do I fix CVE-2025-46814?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2025-46814?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST