Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2025-0825

Опубликовано: 04 фев. 2025
Источник: nvd
CVSS3: 5.3
EPSS Низкий

Описание

cpp-httplib version v0.17.3 through v0.18.3 fails to filter CRLF characters ("\r\n") when those are prefixed with a null byte. This enables attackers to exploit CRLF injection that could further lead to HTTP Response Splitting, XSS, and more.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:yhirose:cpp-httplib:*:*:*:*:*:*:*:*
Версия от 0.17.3 (включая) до 0.18.4 (исключая)

EPSS

Процентиль: 37%
0.00159
Низкий

5.3 Medium

CVSS3

Дефекты

CWE-113

Связанные уязвимости

ubuntu логотип

CVE-2025-0825

CVSS3: 5.3
ubuntu
около 1 года назад

cpp-httplib version v0.17.3 through v0.18.3 fails to filter CRLF characters ("\r\n") when those are prefixed with a null byte. This enables attackers to exploit CRLF injection that could further lead to HTTP Response Splitting, XSS, and more.

debian логотип

CVE-2025-0825

CVSS3: 5.3
debian
около 1 года назад

cpp-httplib version v0.17.3 through v0.18.3 fails to filter CRLF chara ...

github логотип

GHSA-65rj-829h-6g8x

CVSS3: 5.3
github
около 1 года назад

cpp-httplib version v0.17.3 through v0.18.3 fails to filter CRLF characters ("\r\n") when those are prefixed with a null byte. This enables attackers to exploit CRLF injection that could further lead to HTTP Response Splitting, XSS, and more.

EPSS

Процентиль: 37%
0.00159
Низкий

5.3 Medium

CVSS3

Дефекты

CWE-113