Homepage

fastapi-users@3.0.3 vulnerabilities

Ready-to-use and customizable users management for FastAPI

  • latest version

    14.0.1

  • latest non vulnerable version

    14.0.1

  • first published

    5 years ago

  • latest version published

    1 months ago

  • licenses detected

  • View fastapi-users package health on Snyk Advisor  (opens in a new tab)
    • Go back to all versions of this package
    Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the fastapi-users package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • M
    Observable Response Discrepancy

    fastapi-users is a Ready-to-use and customizable users management for FastAPI

    Affected versions of this package are vulnerable to Observable Response Discrepancy. Exploiting this vulnerability is possible by sending web requests enumerating over values for an HTTP header in an attempt to find Redis keys.

    How to fix Observable Response Discrepancy?

    Upgrade fastapi-users to version 10.1.3 or higher.

    [,10.1.3)
    • H
    Authentication Bypass

    fastapi-users is a Ready-to-use and customizable users management for FastAPI

    Affected versions of this package are vulnerable to Authentication Bypass in the account e-mail association when authenticating with OAuth.

    How to fix Authentication Bypass?

    Upgrade fastapi-users to version 10.1.0 or higher.

    [,10.1.0)
    Go back to all versions of this package