Home > Vulnerability Database > CVE-2025-52887

Mend.io Vulnerability Database

CVE-2025-52887

Good to know:

Date: June 26, 2025

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. In version 0.21.0, when many http headers fields are passed in, the library does not limit the number of headers, and the memory associated with the headers will not be released when the connection is disconnected. This leads to potential exhaustion of system memory and results in a server crash or unresponsiveness. Version 0.22.0 contains a patch for the issue.

Severity Score

7.5

Related Resources (5)

Url: https://security-tracker.debian.org/tracker/CVE-2025-52887

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-52887

Url: https://github.com/yhirose/cpp-httplib/security/advisories/GHSA-xjhg-gf59-p92h

Url: https://github.com/yhirose/cpp-httplib/commit/28dcf379e82a2cdb544d812696a7fd46067eb7f9

Url: https://www.mend.io/vulnerability-database/CVE-2025-52887

Severity Score

7.5

Weakness Type (CWE)

Uncontrolled Resource Consumption

CWE-400

Top Fix

Upgrade Version

Upgrade to version https://github.com/yhirose/cpp-httplib.git - v0.22.0

Learn More

CVSS v3.1

Base Score:	7.5
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2025-52887

Good to know:

Date: June 26, 2025

Severity Score

Related Resources (5)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?