CVE-2025-52887

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions cpp-httplib versions prior to 0.22.0 cpp-httplib version 0.21.0

Description cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. A resource management issue exists in version 0.21.0 due to the library not limiting the number of HTTP headers it processes. This can lead to uncontrolled resource consumption, potentially exhausting system memory and causing a server crash or unresponsiveness when many HTTP header fields are passed in. The memory associated with the headers is not released when the connection is disconnected.

Recommendations Upgrade to cpp-httplib version 0.22.0 or later.

Exploit

Fix

Resource Exhaustion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-400

Related Identifiers

BDU:2025-07737

CVE-2025-52887

GHSA-XJHG-GF59-P92H

OESA-2025-1721

OESA-2025-1722

OESA-2025-1723

OESA-2025-1724

OESA-2025-1829

Affected Products

Debian

Cpp-Httplib

CVE-2025-52887

Weakness Enumeration

Related Identifiers

Affected Products

References · 26