Security Advisory

CVE-2025-0825

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-02-04 14:11:51

Last updated 2025-05-23 12:50:55

Assigner Checkmarx

State PUBLISHED

Description

cpp-httplib version v0.17.3 through v0.18.3 fails to filter CRLF characters ("rn") when those are prefixed with a null byte. This enables attackers to exploit CRLF injection that could further lead to HTTP Response Splitting, XSS, and more.

← Browse all CVEs View on cve.org ↗