CNNVD-202512-640 Information
Dec 05, 2025
cve
CNNVD ID
CNNVD-202512-640
Related CVE
- CNNVD Published: 2025-12-05
Description (Chinese)
cpp-httplib是yhirose个人开发者的一款使用C++语言编写的HTTP/HTTPS服务器和客户端库。 cpp-httplib 0.27.0之前版本存在安全漏洞,该漏洞源于攻击者可控制的HTTP标头影响服务器可见的元数据、日志记录和授权决策,可能导致IP欺骗和日志投毒。
Description (English)
cpp-httplib is a HTTP/HTTPS server and client library prepared in the C++ language by yhirose personal developers. cpp-httplib 0.27.0 has a security loophole, which arises from the control of the attacker ’ s HTTP header, which influences the visible metadata, log records and authorized decision-making of the server, which may lead to IP fraud and log poisoning.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
个人开发者
Published
2025-12-05
Last Modified
2026-02-24
References
https://github.com/yhirose/cpp-
Patch
https://github.com/yhirose/cpp-httplib/releases
Share on: