CVE-2022-28999

Insecure permissions in the install directories and binaries of Dev-CPP v4.9.9.2 allows attackers to execute arbitrary code via overwriting the binary devcpp.exe...

CVE-2020-0408

In remove of String16.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.0...

CVE-2020-23915

An issue was discovered in cpp-peglib through v0.1.12. peg::resolveescapesequence in peglib.h has a heap-based buffer over-read...

CVE-2020-11709

cpp-httplib through 0.5.8 does not filter \r\n in parameters passed into the setredirect and setheader functions, which creates possibilities for CRLF injection and HTTP response splitting in some specific contexts...

CVE-2020-23914

An issue was discovered in cpp-peglib through v0.1.12. A NULL pointer dereference exists in the peg::AstOptimizer::optimize located in peglib.h. It allows an attacker to cause Denial of Service...

CVE-2017-13323

In String16 of String16.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation...

OPENSUSE-SU-2025:15084-1 cpp-httplib-devel-0.20.1-1.1 on GA media

These are all security issues fixed in the cpp-httplib-devel-0.20.1-1.1 package on the GA media of openSUSE Tumbleweed...

SUSE CVE-2025-46728

cpp-httplib is a C++ header-only HTTP/HTTPS server and client library. Prior to version 0.20.1, the library fails to enforce configured size limits on incoming request bodies when Transfer-Encoding: chunked is used or when no Content-Length header is provided. A remote attacker can send a chunked...

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the handling of incoming HTTP requests with Transfer-Encoding: chunked or without a Content-Length header. An attacker can cause uncontrolled memory allocation on the server b...

DEBIAN-CVE-2025-46728

cpp-httplib is a C++ header-only HTTP/HTTPS server and client library. Prior to version 0.20.1, the library fails to enforce configured size limits on incoming request bodies when Transfer-Encoding: chunked is used or when no Content-Length header is provided. A remote attacker can send a chunked...

CVE-2025-46728

cpp-httplib is a C++ header-only HTTP/HTTPS server and client library. Prior to version 0.20.1, the library fails to enforce configured size limits on incoming request bodies when Transfer-Encoding: chunked is used or when no Content-Length header is provided. A remote attacker can send a chunked...

UBUNTU-CVE-2025-46728

cpp-httplib is a C++ header-only HTTP/HTTPS server and client library. Prior to version 0.20.1, the library fails to enforce configured size limits on incoming request bodies when Transfer-Encoding: chunked is used or when no Content-Length header is provided. A remote attacker can send a chunked...

CVE-2025-46728

cpp-httplib is a C++ header-only HTTP/HTTPS server and client library. Prior to version 0.20.1, the library fails to enforce configured size limits on incoming request bodies when Transfer-Encoding: chunked is used or when no Content-Length header is provided. A remote attacker can send a chunked...

CVE-2025-46728 cpp-httplib has Unbounded Memory Allocation in Chunked/No-Length Requests

cpp-httplib is a C++ header-only HTTP/HTTPS server and client library. Prior to version 0.20.1, the library fails to enforce configured size limits on incoming request bodies when Transfer-Encoding: chunked is used or when no Content-Length header is provided. A remote attacker can send a chunked...

CVE-2025-46728 cpp-httplib has Unbounded Memory Allocation in Chunked/No-Length Requests

cpp-httplib is a C++ header-only HTTP/HTTPS server and client library. Prior to version 0.20.1, the library fails to enforce configured size limits on incoming request bodies when Transfer-Encoding: chunked is used or when no Content-Length header is provided. A remote attacker can send a chunked...

CVE-2025-46728 cpp-httplib has Unbounded Memory Allocation in Chunked/No-Length Requests

cpp-httplib is a C++ header-only HTTP/HTTPS server and client library. Prior to version 0.20.1, the library fails to enforce configured size limits on incoming request bodies when Transfer-Encoding: chunked is used or when no Content-Length header is provided. A remote attacker can send a chunked...

CVE-2025-46728

Summary (CVE-2025-46728) : The cpp-httplib library (a header-only C++ HTTP/S library) is vulnerable in versions before 0.20.1 due to failure to enforce size limits on incoming request bodies when using Transfer-Encoding: chunked or when no Content-Length is provided. A remote attacker can send ch...

PT-2025-19817

Name of the Vulnerable Software and Affected Versions cpp-httplib versions prior to 0.20.1 Description cpp-httplib is a C++ header-only HTTP/HTTPS server and client library. The library fails to enforce configured size limits on incoming request bodies when Transfer-Encoding: chunked is used or...

cpp-httplib 资源管理错误漏洞

cpp-httplib is an HTTP/HTTPS server and client library written in C++ by the individual developer yhirose. A resource management error vulnerability exists in cpp-httplib versions prior to 0.20.1, which stems from not enforcing the request body size limit, and could lead to memory exhaustion and ...

UBUNTU-CVE-2025-43962

In LibRaw before 0.21.4, phaseonecorrect in decoders/loadmfbacks.cpp has out-of-bounds reads for tag 0x412 processing, related to large w0 or w1 values or the frac and mult calculations...