CVE-2025-0825

216.73.216.6

· Published 04/02/2025 15:15 · Modified 04/02/2025 15:15

Labels: CVE-2025-0825 2025-02-04 596c5446-0ce5-4ba2-aa66-48b3b757a647 CVE-2025-0825 CWE-113

Essential information

Published: 04/02/2025 15:15
Modified: 04/02/2025 15:15
Author: —
Creator: —
CISA KEV: No
CWE: —
CVSS vector

Description

cpp-httplib version v0.17.3 through v0.18.3 fails to filter CRLF characters ("\r\n") when those are prefixed with a null byte. This enables attackers to exploit CRLF injection that could further lead to HTTP Response Splitting, XSS, and more.

NVD status

Status: Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source: 596c5446-0ce5-4ba2-aa66-48b3b757a647
NVD: View on NVD

CVE-2025-0825

Essential information

Description

NVD status

References