Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 569
Alerts This Week
Warning Icon 1 569

Ubuntu 26.04 cpp-httplib Important HTTP Issue USN-8470-1 CVE-2026-45372

ubuntu
Calendar Grey June 25, 2026
Scroller Ubuntu
Critical update for cpp-httplib in Ubuntu fixes network request handling issue introducing security risks.
cpp-httplib could mishandle HTTP requests if it received specially crafted network traffic.

Summary

cpp-httplib could mishandle HTTP requests if it received specially

crafted network traffic.

Software Description:

- cpp-httplib: A C++ header-only HTTP/HTTPS server and client library

Details:

It was discovered that cpp-httplib incorrectly percent-decoded HTTP

request header values. A remote attacker could use this to inject crafted

header content possibly leading to response splitting, log injection

or proxy smuggling.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 26.04 LTS
  libcpp-httplib-dev              0.26.0+ds-2ubuntu3+esm1
                                  Available with Ubuntu Pro
  libcpp-httplib0.26              0.26.0+ds-2ubuntu3+esm1
                                  Available with Ubuntu Pro

Ubuntu 25.10
  libcpp-httplib-dev              0.18.7-1ubuntu0.25.10.2
  libcpp-httplib0.18              0.18.7-1ubuntu0.25.10.2

Ubuntu 24.04 LTS
  libcpp-httplib-dev              0.14.3+ds-1.1ubuntu0.1~esm2
                                  Available with Ubuntu Pro
  libcpp-httplib0.14t64           0.14.3+ds-1.1ubuntu0.1~esm2
                                  Available with Ubuntu Pro

Ubuntu 22.04 LTS
  libcpp-httplib-dev              0.10.3+ds-1ubuntu0.1~esm2
                                  Available with Ubuntu Pro
  libcpp-httplib0                 0.10.3+ds-1ubuntu0.1~esm2
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-8470-1

CVE-2026-45372

Severity
important
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-8470-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.