USN-7962-1: cpp-httplib vulnerability

USN-7962-1: cpp-httplib vulnerability

Publication date: 14 January 2026
Overview: cpp-httplib could allow unintended access to network services if it received specially crafted network traffic.

Packages
cpp-httplib - A C++11 single-file header-only cross platform HTTP/HTTPS library.

Details
It was discovered that cpp-httplib did not correctly handle HTTP headers.
A remote attacker could possibly use this issue to bypass authorization
and impersonate users.

Update instructions
In general, a standard system update will make all the necessary changes.

25.10 questing

• libcpp-httplib-dev – 0.18.7-1ubuntu0.25.10.1
• libcpp-httplib0.18 – 0.18.7-1ubuntu0.25.10.1

25.04 plucky

• libcpp-httplib-dev – 0.18.7-1ubuntu0.25.04.1
• libcpp-httplib0.18 – 0.18.7-1ubuntu0.25.04.1

24.04 LTS noble

• libcpp-httplib-dev – 0.14.3+ds-1.1ubuntu0.1~esm1
• libcpp-httplib0.14t64 – 0.14.3+ds-1.1ubuntu0.1~esm1

22.04 LTS jammy

• libcpp-httplib-dev – 0.10.3+ds-1ubuntu0.1~esm1
• libcpp-httplib0 – 0.10.3+ds-1ubuntu0.1~esm1