CNNVD-202512-644 Information
Dec 05, 2025
cve
CNNVD ID
CNNVD-202512-644
Related CVE
- CNNVD Published: 2025-12-05
Description (Chinese)
cpp-httplib是yhirose个人开发者的一款使用C++语言编写的HTTP/HTTPS服务器和客户端库。 cpp-httplib 0.27.0之前版本存在安全漏洞,该漏洞源于攻击者可控制的HTTP标头影响服务器可见的元数据、日志记录和授权决策,可能导致IP欺骗、日志投毒和授权绕过。
Description (English)
cpp-httplib is a HTTP/HTTPS server and client library prepared in the C++ language by yhirose personal developers. cpp-httplib 0.27.0 has a security loophole, which arises from the control of the assailant ’ s HTTP header, which influences the visible metadata, log records and authorized decision-making of the server, which may lead to IP fraud, log poisoning and circumvention.
Hazard Level
Low
Vulnerability Type
其他
Affected Vendor
个人开发者
Published
2025-12-05
Last Modified
2026-02-24
References
https://github.com/yhirose/cpp-
Patch
https://github.com/yhirose/cpp-httplib/releases
Share on: