HTTP.jl · CVE-2025-61689
**Name of the Vulnerable Software and Affected Versions**
HTTP.jl versions prior to 1.10.19
**Description**
HTTP.jl, an HTTP client and server for the Julia programming language, did not properly validate header names and values, creating a risk of header injection and response splitting. This could lead to several security issues, including cache poisoning, cross-site scripting (XSS), and session fixation. The issue stems from a lack of validation for illegal characters in header data. The vulnerable component is the handling of HTTP headers.
**Recommendations**
Update HTTP.jl to version 1.10.19 or later.
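
The kind of validation the description refers to, written as an added Julia example (this is not HTTP.jl's own code or its fix). The function names are hypothetical, the character rules follow RFC 9110, and the sample headers are constructed:

```julia
# Added example: application-side header checks, not HTTP.jl's own code.
# Punctuation allowed in a field name besides letters and digits
# (the "token" rule in RFC 9110, section 5.6.2).
const TCHAR_EXTRA = Set("!#\$%&'*+-.^_`|~")

is_tchar(c::Char) = isascii(c) && (isletter(c) || isdigit(c) || c in TCHAR_EXTRA)

# A field name must be a non-empty token: no spaces, colons, CR or LF.
valid_header_name(name::AbstractString) = !isempty(name) && all(is_tchar, name)

# A field value must not contain CR, LF or NUL. This check also rejects
# the other ASCII control characters, except horizontal tab.
is_bad_value_char(c::Char) = (c < ' ' && c != '\t') || c == '\x7f'
valid_header_value(value::AbstractString) = !any(is_bad_value_char, value)

# Hypothetical helper: validate every name => value pair before the
# headers are handed to the HTTP library.
function check_headers(headers)
    for (name, value) in headers
        valid_header_name(name) ||
            throw(ArgumentError("illegal header name: $(repr(name))"))
        valid_header_value(value) ||
            throw(ArgumentError("illegal header value for $(repr(name))"))
    end
    return headers
end

# Constructed inputs. The value in `bad` carries CR LF, which would begin a
# new header line if it were written to the wire unchecked.
ok  = ["Location" => "/home", "X-Request-Id" => "abc123"]
bad = ["Location" => "/home\r\nX-Injected: constructed"]

check_headers(ok)
try
    check_headers(bad)
catch err
    println("rejected: ", err.msg)
end
```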