CVE-2025-46728

{"id": "CVE-2025-46728", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2025-05-06T01:15:50.790", "references": [{"url": "https://github.com/yhirose/cpp-httplib/commit/7b752106ac42bd5b907793950d9125a0972c8e8e", "tags": ["Patch"], "source": "security-advisories@github.com"}, {"url": "https://github.com/yhirose/cpp-httplib/security/advisories/GHSA-px83-72rx-v57c", "tags": ["Exploit", "Vendor Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-400"}]}], "descriptions": [{"lang": "en", "value": "cpp-httplib is a C++ header-only HTTP/HTTPS server and client library. Prior to version 0.20.1, the library fails to enforce configured size limits on incoming request bodies when `Transfer-Encoding: chunked` is used or when no `Content-Length` header is provided. A remote attacker can send a chunked request without the terminating zero-length chunk, causing uncontrolled memory allocation on the server. This leads to potential exhaustion of system memory and results in a server crash or unresponsiveness. Version 0.20.1 fixes the issue by enforcing limits during parsing. If the limit is exceeded at any point during reading, the connection is terminated immediately. A short-term workaround through a Reverse Proxy is available. If updating the library immediately is not feasible, deploy a reverse proxy (e.g., Nginx, HAProxy) in front of the `cpp-httplib` application. Configure the proxy to enforce maximum request body size limits, thereby stopping excessively large requests before they reach the vulnerable library code."}, {"lang": "es", "value": "cpp-httplib es una librer\u00eda de cliente y servidor HTTP/HTTPS de solo encabezado de C++. Antes de la versi\u00f3n 0.20.1, la librer\u00eda no aplicaba los l\u00edmites de tama\u00f1o configurados en los cuerpos de las solicitudes entrantes cuando se usaba `Transfer-Encoding: chunked` o cuando no se proporcionaba el encabezado `Content-Length`. Un atacante remoto podr\u00eda enviar una solicitud fragmentada sin el fragmento de longitud cero de terminaci\u00f3n, lo que causaba una asignaci\u00f3n de memoria incontrolada en el servidor. Esto podr\u00eda agotar la memoria del sistema y provocar un bloqueo o falta de respuesta del servidor. La versi\u00f3n 0.20.1 soluciona el problema aplicando l\u00edmites durante el an\u00e1lisis. Si se supera el l\u00edmite en cualquier momento durante la lectura, la conexi\u00f3n se termina inmediatamente. Existe una soluci\u00f3n temporal a trav\u00e9s de un proxy inverso. Si no es posible actualizar la librer\u00eda inmediatamente, implemente un proxy inverso (p. ej., Nginx, HAProxy) delante de la aplicaci\u00f3n `cpp-httplib`. Configure el proxy para aplicar l\u00edmites de tama\u00f1o m\u00e1ximo en el cuerpo de la solicitud, deteniendo as\u00ed las solicitudes excesivamente grandes antes de que lleguen al c\u00f3digo de la librer\u00eda vulnerable."}], "lastModified": "2025-08-01T21:25:50.847", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cpp-httplib_project:cpp-httplib:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "080C33DC-9FA8-4E78-B951-975B1CEB2A2D", "versionEndExcluding": "0.20.1"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}