Ori Ron

**Name of the Vulnerable Software and Affected Versions** cpp-httplib versions v0.17.3 through v0.18.3 **Description** The issue allows attackers to exploit CRLF injection, which could lead to HTTP Response Splitting, XSS, and more, by not filtering CRLF characters (`r `) when those are prefixed with a null byte. **Recommendations** For versions v0.17.3 through v0.18.3, consider filtering CRLF characters (`r `) even when prefixed with a null byte to prevent exploitation. As a temporary workaround, restrict the use of the affected function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.