12 matches found
openSUSE 16 Security Update : cpp-httplib (openSUSE-SU-2026:20056-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20056-1 advisory. - CVE-2025-66570: IP spoofing, log poisoning, and authorization bypass via header shadowing due to acceptance and parsing of client-controlled...
Security update for cpp-httplib (critical)
openSUSE security update: security update for cpp-httplib ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20056-1 Rating: critical References: bsc1254734 bsc1254735 Cross-References: CVE-2025-66570 CVE-2025-66577 CVSS scores: CVE-2025-66570 SUSE : 1...
SUSE-SU-2026:20090-1 Security update for cpp-httplib
This update for cpp-httplib fixes the following issues: - CVE-2025-66570: IP spoofing, log poisoning, and authorization bypass via header shadowing due to acceptance and parsing of client-controlled injected HTTP headers in incoming requests bsc1254734. - CVE-2025-66577: access and error log...
OESA-2025-2858 cpp-httplib security update
A C++11 single-file header-only cross platform HTTP/HTTPS library. It's extremely easy to setup. Just include httplib.h file in your code! Security Fixes: cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.27.0, a vulnerability allows attacker-controlled...
CVE-2025-66570
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.27.0, a vulnerability allows attacker-controlled HTTP headers to influence server-visible metadata, logging, and authorization decisions. An attacker can inject headers named REMOTEADDR, REMOTEPORT,...
UBUNTU-CVE-2025-66570
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.27.0, a vulnerability allows attacker-controlled HTTP headers to influence server-visible metadata, logging, and authorization decisions. An attacker can inject headers named REMOTEADDR, REMOTEPORT,...
CVE-2025-66570 cpp-httplib Untrusted HTTP Header Handling: Internal Header Shadowing (REMOTE*/LOCAL*)
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.27.0, a vulnerability allows attacker-controlled HTTP headers to influence server-visible metadata, logging, and authorization decisions. An attacker can inject headers named REMOTEADDR, REMOTEPORT,...
EUVD-2025-201455
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.27.0, a vulnerability allows attacker-controlled HTTP headers to influence server-visible metadata, logging, and authorization decisions. An attacker can inject headers named REMOTEADDR, REMOTEPORT,...
CVE-2025-66570 cpp-httplib Untrusted HTTP Header Handling: Internal Header Shadowing (REMOTE*/LOCAL*)
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.27.0, a vulnerability allows attacker-controlled HTTP headers to influence server-visible metadata, logging, and authorization decisions. An attacker can inject headers named REMOTEADDR, REMOTEPORT,...
CVE-2025-66570
cpp-httplib is affected by CVE-2025-66570 through headers handling in httplib.h prior to 0.27.0. Attacker-controlled HTTP headers named REMOTE_ADDR, REMOTE_PORT, LOCAL_ADDR, LOCAL_PORT can be parsed into the request header multimap by read_headers(), then reused by Server::process_request, potent...
CVE-2025-66570 cpp-httplib Untrusted HTTP Header Handling: Internal Header Shadowing (REMOTE*/LOCAL*)
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.27.0, a vulnerability allows attacker-controlled HTTP headers to influence server-visible metadata, logging, and authorization decisions. An attacker can inject headers named REMOTEADDR, REMOTEPORT,...
PT-2025-49305
Name of the Vulnerable Software and Affected Versions cpp-httplib versions prior to 0.27.0 Description The cpp-httplib library has a flaw where attacker-controlled HTTP headers can influence server metadata, logging, and authorization decisions. An attacker can inject headers such as REMOTE ADDR,...