1025 matches found

OSV
added 2025/02/04 3:15 p.m. · 2 views

DEBIAN-CVE-2025-0825

cpp-httplib version v0.17.3 through v0.18.3 fails to filter CRLF characters "\r\n" when those are prefixed with a null byte. This enables attackers to exploit CRLF injection that could further lead to HTTP Response Splitting, XSS, and more...

CVSS 5.3 · AI score 5.3 · EPSS 0.0017
Exploits 1 · References 1

OSV
added 2025/02/04 3:15 p.m. · 10 views

CVE-2025-0825

cpp-httplib version v0.17.3 through v0.18.3 fails to filter CRLF characters "\r\n" when those are prefixed with a null byte. This enables attackers to exploit CRLF injection that could further lead to HTTP Response Splitting, XSS, and more...

CVSS 5.3 · AI score 7.1 · EPSS 0.0017
Exploits 1 · References 2

OSV
added 2025/02/04 3:15 p.m. · 1 views

UBUNTU-CVE-2025-0825

cpp-httplib version v0.17.3 through v0.18.3 fails to filter CRLF characters "\r\n" when those are prefixed with a null byte. This enables attackers to exploit CRLF injection that could further lead to HTTP Response Splitting, XSS, and more...

CVSS 6.9 · AI score 5.8 · EPSS 0.0017
Exploits 1 · References 3

Vulnrichment
added 2025/02/04 2:11 p.m. · 18 views

CVE-2025-0825 CRLF injection in Cpp-httplib

cpp-httplib version v0.17.3 through v0.18.3 fails to filter CRLF characters "\r\n" when those are prefixed with a null byte. This enables attackers to exploit CRLF injection that could further lead to HTTP Response Splitting, XSS, and more...

CVSS 6.9 · AI score 7.4 · EPSS 0.0017
Exploits 1 · References 2

Cvelist
added 2025/02/04 2:11 p.m. · 8 views

CVE-2025-0825 CRLF injection in Cpp-httplib

cpp-httplib version v0.17.3 through v0.18.3 fails to filter CRLF characters "\r\n" when those are prefixed with a null byte. This enables attackers to exploit CRLF injection that could further lead to HTTP Response Splitting, XSS, and more...

CVSS 6.9 · EPSS 0.0017
Exploits 1 · References 2

CVE
added 2025/02/04 2:11 p.m. · 63 views

CVE-2025-0825

CVE-2025-0825 affects the C++ header-only library cpp-httplib, where versions v0.17.3 through v0.18.3 do not filter CRLF characters when preceded by a null byte. The underlying issue enables CRLF injection, which could lead to HTTP Response Splitting and related risks (e.g., XSS) as described in ...

CVSS 6.9 · AI score 7.2 · EPSS 0.0017
Exploits 1 · References 2 · Affected Software 1

Debian CVE
added 2025/02/04 2:11 p.m. · 6 views

CVE-2025-0825

cpp-httplib version v0.17.3 through v0.18.3 fails to filter CRLF characters "\r\n" when those are prefixed with a null byte. This enables attackers to exploit CRLF injection that could further lead to HTTP Response Splitting, XSS, and more...

CVSS 6.9 · AI score 5.3 · EPSS 0.0017
Exploits 1

Positive Technologies
added 2025/02/04 12:0 a.m. · 1 views

PT-2025-4064 · Unknown +1 · Cpp-Httplib +1

Name of the Vulnerable Software and Affected Versions: cpp-httplib versions v0.17.3 through v0.18.3 Description: The issue allows attackers to exploit CRLF injection, which could lead to HTTP Response Splitting, XSS, and more, by not filtering CRLF characters "\r\n" when those are prefixed with a null...

CVSS 6.9 · AI score 6 · EPSS 0.0017
Exploits 1 · References 15

OSV
added 2025/02/03 9:1 a.m. · 2 views

MAL-2025-1081 Malicious code in cpp-jwt (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 945408f1cef00dd75fd8e3eb7ed23f4ecb75d649c89cb995ebc74f9cb2ca8f62 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 7
Exploits 0 · References 1

OSSF Malicious Packages
added 2025/02/03 9:1 a.m. · 2 views

Malicious code in cpp-jwt (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 945408f1cef00dd75fd8e3eb7ed23f4ecb75d649c89cb995ebc74f9cb2ca8f62 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 6.9
Exploits 0 · References 1

OSV
added 2025/02/03 9:1 a.m. · 1 views

MAL-2025-1131 Malicious code in hiero-sdk-cpp (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 61510394f06f71bb323c3d38fbd8d57e3ac9f52dd65bf7f1054e952798c9ac39 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 7
Exploits 0 · References 1

OSSF Malicious Packages
added 2025/02/03 9:1 a.m. · 2 views

Malicious code in hiero-sdk-cpp (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 61510394f06f71bb323c3d38fbd8d57e3ac9f52dd65bf7f1054e952798c9ac39 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 6.9
Exploits 0 · References 1

Tenable Nessus
added 2025/01/29 12:0 a.m. · 4 views

Fedora 41 : abseil-cpp (2025-7631628ba6)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-7631628ba6 advisory. Update to 20240722.1 - Fix potential integer overflow in hash container create/resize Tenable has extracted the preceding description block directly from the...

AI score 5.7
Exploits 0 · References 1

OSV
added 2025/01/21 11:15 p.m. · 1 views

CVE-2024-49738

In writeInplace of Parcel.cpp, there is a possible out of bounds write. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVSS 7.8 · AI score 5.9 · EPSS 0.00056
Exploits 0 · References 1

CVE
added 2025/01/21 11:4 p.m. · 773 views

CVE-2024-49738

CVE-2024-49738 is documented across multiple sources as a vulnerability in Google Android involving the function writeInplace in Parcel.cpp. The issue is described as a possible out-of-bounds write in this function, which could enable local escalation of privilege with no additional execution pri...

CVSS 7.8 · AI score 7.2 · EPSS 0.00056
Exploits 0 · References 1 · Affected Software 1

Cvelist
added 2025/01/21 11:4 p.m. · 7 views

CVE-2024-49738

In writeInplace of Parcel.cpp, there is a possible out of bounds write. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

EPSS 0.00056
Exploits 0 · References 1

Positive Technologies
added 2025/01/21 12:0 a.m. · 2 views

PT-2025-2853 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions prior to the fix Description: The issue is related to a possible out of bounds write in the writeInplace function of Parcel.cpp. This could lead to local escalation of privilege with no additional execution privileges needed...

CVSS 7.8 · AI score 6.8 · EPSS 0.00056
Exploits 0 · References 5

CVE
added 2025/01/02 11:58 p.m. · 156 views

CVE-2024-43097

CVE-2024-43097 : The issue is a possible out-of-bounds write in SkRegion.cpp in resizeToAtLeast caused by an integer overflow, which could lead to local privilege escalation with no user interaction required. The vulnerability is referenced across multiple advisories for Mozilla components (Firef...

CVSS 7.8 · AI score 7.2 · EPSS 0.00912
Exploits 0 · References 3 · Affected Software 1

Positive Technologies
added 2025/01/01 12:0 a.m. · 1 views

PT-2025-49306

Name of the Vulnerable Software and Affected Versions cpp-httplib versions prior to 0.27.0 Description The software is a C++11 single-file header-only cross-platform HTTP/HTTPS library. A flaw exists where attacker-controlled HTTP headers can affect server-visible metadata, logging, and...

CVSS 5.3 · AI score 6.3 · EPSS 0.00052
Exploits 1 · References 12

Positive Technologies
added 2025/01/01 12:0 a.m. · 2 views

PT-2025-49305

Name of the Vulnerable Software and Affected Versions cpp-httplib versions prior to 0.27.0 Description The cpp-httplib library has a flaw where attacker-controlled HTTP headers can influence server metadata, logging, and authorization decisions. An attacker can inject headers such as REMOTE ADDR,...

CVSS 10 · AI score 7.8 · EPSS 0.00052
Exploits 2 · References 31