283 matches found
CVE-2025-52887
A denial-of-service vulnerability, stemming from memory exhaustion, has been identified in the cpp-httplib C++ HTTP/HTTPS library. This flaw is a result of the library's insufficient limits on the processing of HTTP headers. A remote attacker could exploit this by sending specially crafted HTTP...
CVE-2025-52887
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. In version 0.21.0, when many http headers fields are passed in, the library does not limit the number of headers, and the memory associated with the headers will not be released when the connection is disconnected...
CVE-2025-52887 cpp-httplib has unlimited number of http header fields, which causes memory leak
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. In version 0.21.0, when many http headers fields are passed in, the library does not limit the number of headers, and the memory associated with the headers will not be released when the connection is disconnected...
CVE-2025-52887 cpp-httplib has unlimited number of http header fields, which causes memory leak
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. In version 0.21.0, when many http headers fields are passed in, the library does not limit the number of headers, and the memory associated with the headers will not be released when the connection is disconnected...
CVE-2025-52887
cpp-httplib (C++11 single-file header-only library) is affected by CVE-2025-52887 in version 0.21.0 where there is no limit on the number of HTTP header fields and header memory is not released on disconnect, potentially exhausting system memory and causing server crash or unresponsiveness. Remed...
CVE-2025-52887 cpp-httplib has unlimited number of http header fields, which causes memory leak
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. In version 0.21.0, when many http headers fields are passed in, the library does not limit the number of headers, and the memory associated with the headers will not be released when the connection is disconnected...
CVE-2025-52887
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. In version 0.21.0, when many http headers fields are passed in, the library does not limit the number of headers, and the memory associated with the headers will not be released when the connection is disconnected...
cpp-httplib 资源管理错误漏洞
cpp-httplib is an HTTP/HTTPS server and client library written in C++ by the individual developer yhirose. A resource management error vulnerability exists in cpp-httplib version 0.21.0, which stems from not limiting the number of HTTP headers, and could lead to system memory exhaustion...
PT-2025-26976
Name of the Vulnerable Software and Affected Versions: cpp-httplib version 0.21.0 Description: The issue arises when multiple HTTP header fields are passed to the library, causing it to fail to limit the number of headers. As a result, the memory associated with these headers is not released when...
Fedora: Security Advisory (FEDORA-2025-c0ec6fa21b)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2020-11709
cpp-httplib through 0.5.8 does not filter \r\n in parameters passed into the setredirect and setheader functions, which creates possibilities for CRLF injection and HTTP response splitting in some specific contexts...
OPENSUSE-SU-2025:15084-1 cpp-httplib-devel-0.20.1-1.1 on GA media
These are all security issues fixed in the cpp-httplib-devel-0.20.1-1.1 package on the GA media of openSUSE Tumbleweed...
SUSE CVE-2025-46728
cpp-httplib is a C++ header-only HTTP/HTTPS server and client library. Prior to version 0.20.1, the library fails to enforce configured size limits on incoming request bodies when Transfer-Encoding: chunked is used or when no Content-Length header is provided. A remote attacker can send a chunked...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the handling of incoming HTTP requests with Transfer-Encoding: chunked or without a Content-Length header. An attacker can cause uncontrolled memory allocation on the server b...
DEBIAN-CVE-2025-46728
cpp-httplib is a C++ header-only HTTP/HTTPS server and client library. Prior to version 0.20.1, the library fails to enforce configured size limits on incoming request bodies when Transfer-Encoding: chunked is used or when no Content-Length header is provided. A remote attacker can send a chunked...
CVE-2025-46728
cpp-httplib is a C++ header-only HTTP/HTTPS server and client library. Prior to version 0.20.1, the library fails to enforce configured size limits on incoming request bodies when Transfer-Encoding: chunked is used or when no Content-Length header is provided. A remote attacker can send a chunked...
UBUNTU-CVE-2025-46728
cpp-httplib is a C++ header-only HTTP/HTTPS server and client library. Prior to version 0.20.1, the library fails to enforce configured size limits on incoming request bodies when Transfer-Encoding: chunked is used or when no Content-Length header is provided. A remote attacker can send a chunked...
CVE-2025-46728 cpp-httplib has Unbounded Memory Allocation in Chunked/No-Length Requests
cpp-httplib is a C++ header-only HTTP/HTTPS server and client library. Prior to version 0.20.1, the library fails to enforce configured size limits on incoming request bodies when Transfer-Encoding: chunked is used or when no Content-Length header is provided. A remote attacker can send a chunked...
CVE-2025-46728 cpp-httplib has Unbounded Memory Allocation in Chunked/No-Length Requests
cpp-httplib is a C++ header-only HTTP/HTTPS server and client library. Prior to version 0.20.1, the library fails to enforce configured size limits on incoming request bodies when Transfer-Encoding: chunked is used or when no Content-Length header is provided. A remote attacker can send a chunked...
CVE-2025-46728
Summary (CVE-2025-46728) : The cpp-httplib library (a header-only C++ HTTP/S library) is vulnerable in versions before 0.20.1 due to failure to enforce size limits on incoming request bodies when using Transfer-Encoding: chunked or when no Content-Length is provided. A remote attacker can send ch...