SUSE Package Hub - openSUSE-2026-7

Update Info

openSUSE-2026-7

Security update for cpp-httplib

Type: security

Severity: important

Issued: 2026-01-12

Description:

This update for cpp-httplib fixes the following issues:

- CVE-2025-53629: Fixed that a header can allocate memory arbitrarily in the server, potentially leading to its exhaustion (boo#1246471)
- CVE-2025-53628: Fixed HTTP header smuggling due to insecure trailers merge (boo#1246468)
- CVE-2025-52887: Fixed that the number of HTTP header fields was not limited, which can lead to potential exhaustion of system memory (boo#1245414)

References

CVE: CVE-2025-53629
CVE: CVE-2025-53628
CVE: CVE-2025-52887
Bugzilla: 1246471 VUL-0: CVE-2025-53629: cpp-httplib: header can allocate memory arbitrarily in the server, potentially leading to its exhaustion
Bugzilla: 1246468 VUL-0: CVE-2025-53628: cpp-httplib: HTTP header smuggling due to insecure trailers merge
Bugzilla: 1245414 VUL-0: CVE-2025-52887: cpp-httplib: number of HTTP header fields not limited, which can lead to potential exhaustion of system memory

Packages

cpp-httplib-0.20.1-bp157.2.3.1