Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
cpp-httplib vulnerable to a denial of service (DOS) using a zip bomb
Vulnerability Description
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to version 0.30.1, a Denial of Service (DoS) vulnerability exists in cpp-httplib due to the unsafe handling of compressed HTTP request bodies (Content-Encoding: gzip, br, etc.). The library validates the payload_max_length against the compressed data size received from the network, but does not limit the size of the decompressed data stored in memory.
CVSS Information
N/A
Vulnerability Type
对高度压缩数据的处理不恰当(数据放大攻击)
Vulnerability Title
cpp-httplib 安全漏洞
Vulnerability Description
cpp-httplib是yhirose个人开发者的一款使用C++语言编写的HTTP/HTTPS服务器和客户端库。 cpp-httplib 0.30.1之前版本存在安全漏洞,该漏洞源于对压缩HTTP请求体的不安全处理,可能导致拒绝服务攻击。
CVSS Information
N/A
Vulnerability Type
N/A