Yhirose

Cpp-httplib

16 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2026-34441

Exploit
  • EPSS 0.04%
  • Veröffentlicht 31.03.2026 21:21:33
  • Zuletzt bearbeitet 01.04.2026 20:28:01

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to version 0.40.0, cpp-httplib is vulnerable to HTTP Request Smuggling. The server's static file handler serves GET responses without consuming the request body. ...

7.4

CVE-2026-33745

Exploit
  • EPSS 0.04%
  • Veröffentlicht 27.03.2026 01:16:21
  • Zuletzt bearbeitet 01.04.2026 14:44:55

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.39.0, the cpp-httplib HTTP client forwards stored Basic Auth, Bearer Token, and Digest Auth credentials to arbitrary hosts when following cross-origin HTTP r...

8.1

CVE-2026-32627

Exploit
  • EPSS 0.02%
  • Veröffentlicht 13.03.2026 20:48:14
  • Zuletzt bearbeitet 17.03.2026 19:08:44

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.37.2, when a cpp-httplib client is configured with a proxy and set_follow_location(true), any HTTPS redirect it follows will have TLS certificate and hostnam...

7.5

CVE-2026-31870

Exploit
  • EPSS 0.07%
  • Veröffentlicht 11.03.2026 17:57:49
  • Zuletzt bearbeitet 18.03.2026 15:36:20

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.37.1, when a cpp-httplib client uses the streaming API (httplib::stream::Get, httplib::stream::Post, etc.), the library calls std::stoull() directly on the C...

5.9

CVE-2026-29076

Exploit
  • EPSS 0.06%
  • Veröffentlicht 07.03.2026 16:08:56
  • Zuletzt bearbeitet 09.03.2026 21:19:35

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to version 0.37.0, cpp-httplib uses std::regex (libstdc++) to parse RFC 5987 encoded filename* values in multipart Content-Disposition headers. The regex engine i...

7.5

CVE-2026-28435

Exploit
  • EPSS 0.06%
  • Veröffentlicht 04.03.2026 19:36:33
  • Zuletzt bearbeitet 05.03.2026 22:09:45

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.35.0, cpp-httplib (httplib.h) does not enforce Server::set_payload_max_length() on the decompressed request body when using HandlerWithContentReader (streami...

5.3

CVE-2026-28434

Exploit
  • EPSS 0.07%
  • Veröffentlicht 04.03.2026 19:34:30
  • Zuletzt bearbeitet 05.03.2026 22:11:16

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.35.0, when a request handler throws a C++ exception and the application has not registered a custom exception handler via set_exception_handler(), the librar...

7.5

CVE-2026-22776

Exploit
  • EPSS 0.08%
  • Veröffentlicht 12.01.2026 18:18:01
  • Zuletzt bearbeitet 15.01.2026 22:43:10

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to version 0.30.1, a Denial of Service (DoS) vulnerability exists in cpp-httplib due to the unsafe handling of compressed HTTP request bodies (Content-Encoding: g...

7.5

CVE-2026-21428

Exploit
  • EPSS 0.02%
  • Veröffentlicht 01.01.2026 17:54:43
  • Zuletzt bearbeitet 06.01.2026 18:20:44

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to version 0.30.0, the ``write_headers`` function does not check for CR & LF characters in user supplied headers, allowing untrusted header value to escape header...

5.3

CVE-2025-66577

Exploit
  • EPSS 0.09%
  • Veröffentlicht 05.12.2025 18:20:25
  • Zuletzt bearbeitet 11.12.2025 18:09:30

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.27.0, a vulnerability allows attacker-controlled HTTP headers to influence server-visible metadata, logging, and authorization decisions. An attacker can sup...