Homepage

fastapi-proxy-lib@0.0.1b0 vulnerabilities

HTTP/WebSocket proxy for starlette/FastAPI.

  • latest version

    0.1.0

  • latest non vulnerable version

    0.1.0

  • first published

    1 years ago

  • latest version published

    1 years ago

  • licenses detected

  • View fastapi-proxy-lib package health on Snyk Advisor  (opens in a new tab)
    • Go back to all versions of this package
    Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the fastapi-proxy-lib package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • H
    Information Exposure

    fastapi-proxy-lib is a HTTP/WebSocket proxy for starlette/FastAPI.

    Affected versions of this package are vulnerable to Information Exposure due to the shared usage of httpx.AsyncClient in processing requests from different user clients. An attacker can exploit this to leak cookies among all user clients sharing the same httpx.AsyncClient by sending a set-cookie response header. This is only exploitable if the ForwardHttpProxy is used, or if ReverseHttpProxy or ReverseWebSocketProxy are used for servers that may potentially send a set-cookie response.

    How to fix Information Exposure?

    Upgrade fastapi-proxy-lib to version 0.1.0 or higher.

    [,0.1.0)
    Go back to all versions of this package