CVE-2025-14546 | fastapi-sso up to 0.18.x get_login_url cross-site request forgery (ID 266)

Inserito da Angelo Barbosa | Dic 19, 2025 | CVE

A vulnerability marked as problematic has been reported in fastapi-sso up to 0.18.x. Impacted is the function get_login_url. Performing manipulation results in cross-site request forgery.

This vulnerability is identified as CVE-2025-14546. The attack can be initiated remotely. There is not any exploit available.

It is suggested to upgrade the affected component.

CVE-2025-14546 | fastapi-sso up to 0.18.x get_login_url cross-site request forgery (ID 266)

Post correlati

CVE-2024-5558 | Schneider Electric SpaceLogic AS-P/SpaceLogic AS-B up to 5.0.3 toctou (SEVD-2024-163-04)

CVE-2025-24919 | Dell ControlVault3/ControlVault3 Plus cvhDecapsulateCmd deserialization (dsa-2025-053)

CVE-2024-29855 | Veeam Recovery Orchestrator prior 7.0.0.379/7.1.0.230 improper authentication (kb4585)

CVE-2025-64459 | Django up to 4.2.25/5.1.13/5.2.7 QuerySet.filter/QuerySet.exclude/QuerySet.get sql injection