Ubuntu: Security Advisory (USN-7962-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE 16 Security Update : cpp-httplib (openSUSE-SU-2026:20056-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20056-1 advisory. - CVE-2025-66570: IP spoofing, log poisoning, and authorization bypass via header shadowing due to acceptance and parsing of client-controlled...

Security update for cpp-httplib (critical)

openSUSE security update: security update for cpp-httplib ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20056-1 Rating: critical References: bsc1254734 bsc1254735 Cross-References: CVE-2025-66570 CVE-2025-66577 CVSS scores: CVE-2025-66570 SUSE : 1...

USN-7962-1: cpp-httplib vulnerability

It was discovered that cpp-httplib did not correctly handle HTTP headers. A remote attacker could possibly use this issue to bypass authorization and impersonate users...

USN-7962-1 cpp-httplib vulnerability

It was discovered that cpp-httplib did not correctly handle HTTP headers. A remote attacker could possibly use this issue to bypass authorization and impersonate users...

SUSE CVE-2026-22776

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to version 0.30.1, a Denial of Service DoS vulnerability exists in cpp-httplib due to the unsafe handling of compressed HTTP request bodies Content-Encoding: gzip, br, etc.. The library validates the...

CVE-2026-22776

A flaw was found in cpp-httplib, a C++ HTTP/HTTPS library. A remote attacker can exploit this vulnerability by sending a specially crafted compressed HTTP request. While the library checks the size of the compressed data, it does not properly limit the size of the data after decompression, leadin...

CVE-2026-22776

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to version 0.30.1, a Denial of Service DoS vulnerability exists in cpp-httplib due to the unsafe handling of compressed HTTP request bodies Content-Encoding: gzip, br, etc.. The library validates the...

CVE-2026-22776

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to version 0.30.1, a Denial of Service DoS vulnerability exists in cpp-httplib due to the unsafe handling of compressed HTTP request bodies Content-Encoding: gzip, br, etc.. The library validates the...

Improper Handling of Highly Compressed Data (Data Amplification)

Overview Affected versions of this package are vulnerable to Improper Handling of Highly Compressed Data Data Amplification via the unsafe handling of compressed HTTP request bodies when decompressing data. An attacker can exhaust system memory by sending specially crafted compressed payloads tha...

CVE-2026-22776 cpp-httplib vulnerable to a denial of service (DOS) using a zip bomb

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to version 0.30.1, a Denial of Service DoS vulnerability exists in cpp-httplib due to the unsafe handling of compressed HTTP request bodies Content-Encoding: gzip, br, etc.. The library validates the...

EUVD-2026-2006

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to version 0.30.1, a Denial of Service DoS vulnerability exists in cpp-httplib due to the unsafe handling of compressed HTTP request bodies Content-Encoding: gzip, br, etc.. The library validates the...

CVE-2026-22776

CVE-2026-22776 affects cpp-httplib prior to 0.30.1. The DoS arises from unsafe handling of compressed HTTP request bodies (Content-Encoding: gzip, br, etc.); the implementation validates payload_max_length against the compressed data size but does not cap the decompressed data in memory. This can...

CVE-2026-22776

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to version 0.30.1, a Denial of Service DoS vulnerability exists in cpp-httplib due to the unsafe handling of compressed HTTP request bodies Content-Encoding: gzip, br, etc.. The library validates the...

PT-2026-2292

Name of the Vulnerable Software and Affected Versions cpp-httplib versions prior to 0.30.1 Description A potential denial of service DoS condition exists in cpp-httplib due to the way it handles compressed HTTP request bodies, specifically those using gzip or br compression. The library checks th...

Linux Distros Unpatched Vulnerability : CVE-2026-22776

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to version 0.30.1, a Denial of Service DoS vulnerability exists in...

cpp-httplib 安全漏洞

cpp-httplib is an HTTP/HTTPS server and client library written in C++ by the individual developer yhirose. A security vulnerability exists in cpp-httplib versions prior to 0.30.1, which stems from insecure handling of compressed HTTP request bodies and could lead to a denial-of-service attack...

Security update for cpp-httplib (important)

openSUSE Security Update: Security update for cpp-httplib Announcement ID: openSUSE-SU-2026:0007-1 Rating: important References: 1245414 1246468 1246471 Cross-References: CVE-2025-52887 CVE-2025-53628 CVE-2025-53629 CVSS scores: CVE-2025-52887 SUSE: 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:...

CVE-2026-21428

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to version 0.30.0, the writeheaders function does not check for CR & LF characters in user supplied headers, allowing untrusted header value to escape header lines. This vulnerability allows attackers to add...

CVE-2026-21428

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to version 0.30.0, the writeheaders function does not check for CR & LF characters in user supplied headers, allowing untrusted header value to escape header lines. This vulnerability allows attackers to add...