Описание
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.23.0, incoming requests using Transfer-Encoding: chunked in the header can allocate memory arbitrarily in the server, potentially leading to its exhaustion. This vulnerability is fixed in 0.23.0. NOTE: This vulnerability is related to CVE-2025-53628.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| cpp-httplib | fixed | 0.25.0+ds-1 | experimental | package |
| cpp-httplib | unfixed | package |
Примечания
https://github.com/yhirose/cpp-httplib/security/advisories/GHSA-qjmq-h3cc-qv6w
https://github.com/yhirose/cpp-httplib/commit/082acacd4581d10e05fccbe9cb336aa7822c4ea2 (v0.23.0)
Связанные уязвимости
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.23.0, incoming requests using Transfer-Encoding: chunked in the header can allocate memory arbitrarily in the server, potentially leading to its exhaustion. This vulnerability is fixed in 0.23.0. NOTE: This vulnerability is related to CVE-2025-53628.
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.23.0, incoming requests using Transfer-Encoding: chunked in the header can allocate memory arbitrarily in the server, potentially leading to its exhaustion. This vulnerability is fixed in 0.23.0. NOTE: This vulnerability is related to CVE-2025-53628.
Уязвимость библиотеки cpp-httplib, связанная с неконтролируемым расходом ресурсов, позволяющая нарушителю вызвать отказ в обслуживании