CVE-2025-68138

EVerest is an EV charging software stack, and EVerest libocpp is a C++ implementation of the Open Charge Point Protocol. In libocpp prior to version 0.30.1, pointers returned by the strdup calls are never freed. At each connection attempt, the newly allocated memory area will be leaked, potential...

[SECURITY] Fedora 42 Update: cpp-httplib-0.30.1-5.fc42

A C++11 single-file header-only cross platform HTTP/HTTPS library. It's extremely easy to setup. Just include the httplib.h file in your code!...

Fedora 42 : cpp-httplib (2026-3b0e5b457d)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-3b0e5b457d advisory. Update to 0.30.1 - Denial of service DOS using zip bomb CVE-2026-22776 - CRLF injection in http headers CVE-2026-21428 - Untrusted HTTP Header...

Fedora 43 : cpp-httplib (2026-e50e41fcea)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-e50e41fcea advisory. Update to 0.30.1 - Denial of service DOS using zip bomb CVE-2026-22776 - CRLF injection in http headers CVE-2026-21428 - Untrusted HTTP Header...

CVE-2025-68138

EVerest is an EV charging software stack, and EVerest libocpp is a C++ implementation of the Open Charge Point Protocol. In libocpp prior to version 0.30.1, pointers returned by the strdup calls are never freed. At each connection attempt, the newly allocated memory area will be leaked, potential...

CVE-2025-68138 EVerest affected by memory exhaustion in libocpp

EVerest is an EV charging software stack, and EVerest libocpp is a C++ implementation of the Open Charge Point Protocol. In libocpp prior to version 0.30.1, pointers returned by the strdup calls are never freed. At each connection attempt, the newly allocated memory area will be leaked, potential...

EUVD-2025-206321

EVerest is an EV charging software stack, and EVerest libocpp is a C++ implementation of the Open Charge Point Protocol. In libocpp prior to version 0.30.1, pointers returned by the strdup calls are never freed. At each connection attempt, the newly allocated memory area will be leaked, potential...

CVE-2025-68138

EVerest is an EV charging software stack, and EVerest libocpp is a C++ implementation of the Open Charge Point Protocol. In libocpp prior to version 0.30.1, pointers returned by the strdup calls are never freed. At each connection attempt, the newly allocated memory area will be leaked, potential...

libocpp security vulnerabilities

Libocpp is an open-source Open Charge Point Protocol developed by EVerest. Versions of Libocpp prior to 0.30.1 contained security vulnerabilities. These vulnerabilities stemmed from pointers returned by strdup that were not released, which could lead to memory exhaustion and denial of service...

PT-2026-3851

EVerest is an EV charging software stack, and EVerest libocpp is a C++ implementation of the Open Charge Point Protocol. In libocpp prior to version 0.30.1, pointers returned by the strdup calls are never freed. At each connection attempt, the newly allocated memory area will be leaked, potential...

SUSE CVE-2026-22776

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to version 0.30.1, a Denial of Service DoS vulnerability exists in cpp-httplib due to the unsafe handling of compressed HTTP request bodies Content-Encoding: gzip, br, etc.. The library validates the...

Improper Handling of Highly Compressed Data (Data Amplification)

Overview Affected versions of this package are vulnerable to Improper Handling of Highly Compressed Data Data Amplification via the unsafe handling of compressed HTTP request bodies when decompressing data. An attacker can exhaust system memory by sending specially crafted compressed payloads tha...

CVE-2026-22776 cpp-httplib vulnerable to a denial of service (DOS) using a zip bomb

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to version 0.30.1, a Denial of Service DoS vulnerability exists in cpp-httplib due to the unsafe handling of compressed HTTP request bodies Content-Encoding: gzip, br, etc.. The library validates the...

EUVD-2026-2006

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to version 0.30.1, a Denial of Service DoS vulnerability exists in cpp-httplib due to the unsafe handling of compressed HTTP request bodies Content-Encoding: gzip, br, etc.. The library validates the...

cpp-httplib 安全漏洞

cpp-httplib is an HTTP/HTTPS server and client library written in C++ by the individual developer yhirose. A security vulnerability exists in cpp-httplib versions prior to 0.30.1, which stems from insecure handling of compressed HTTP request bodies and could lead to a denial-of-service attack...

PT-2026-2292

Name of the Vulnerable Software and Affected Versions cpp-httplib versions prior to 0.30.1 Description A potential denial of service DoS condition exists in cpp-httplib due to the way it handles compressed HTTP request bodies, specifically those using gzip or br compression. The library checks th...

Fedora 42 : docker-buildx (2025-04cf139ee2)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-04cf139ee2 advisory. - Update to release v0.30.1 - Upstream fix ---- - Update to release v0.30.0 - Resolves: rhbz2413270 - Resolves: rhbz2407614, rhbz2407881, rhbz240815...

Rust 安全漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in truetype crate before 0.30.1 for Rust, which originates from a read operation reading the contents of an uninitialized memory location. No details of the vulnerability are...