Cpp Httplib · Cpp-Httplib · CVE-2020-11709
**Name of the Vulnerable Software and Affected Versions**
cpp-httplib versions 0.5.8 and earlier
**Description**
The issue arises from the lack of filtering for `\r\n` in parameters passed to the `set_redirect` and `set_header` functions, potentially leading to CRLF injection and HTTP response splitting in specific contexts.
**Recommendations**
For cpp-httplib versions 0.5.8 and earlier, consider disabling the `set_redirect` and `set_header` functions until a patch is available, to prevent potential CRLF injection and HTTP response splitting attacks. Restrict access to these functions to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
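One way to restrict what reaches these functions is to reject any value containing CR or LF before the call. The following is an added example, not cpp-httplib code: `StubResponse`, `is_safe_header_text`, `checked_set_header`, `checked_set_redirect` and `header_line_count` are hypothetical names, and the stub only models a response object that stores header values unfiltered.

```cpp
#include <cstddef>
#include <string>
#include <utility>
#include <vector>

// Hypothetical stand-in for a response object that stores header values
// without filtering them (an assumption; this is not the library's type).
struct StubResponse {
  int status = 200;
  std::vector<std::pair<std::string, std::string>> headers;
  void set_header(const std::string &key, const std::string &val) {
    headers.emplace_back(key, val);
  }
  void set_redirect(const std::string &url) {
    set_header("Location", url);
    status = 302;
  }
};

// True when the text holds no CR or LF, so it cannot end a header line early.
bool is_safe_header_text(const std::string &s) {
  return s.find_first_of("\r\n") == std::string::npos;
}

// Guarded wrappers: refuse the call instead of passing the input through.
bool checked_set_header(StubResponse &res, const std::string &key,
                        const std::string &val) {
  if (!is_safe_header_text(key) || !is_safe_header_text(val)) return false;
  res.set_header(key, val);
  return true;
}

bool checked_set_redirect(StubResponse &res, const std::string &url) {
  if (!is_safe_header_text(url)) return false;
  res.set_redirect(url);
  return true;
}

// Counts the header lines a recipient would see once the stored headers
// are written out as "Key: Value\r\n".
std::size_t header_line_count(const StubResponse &res) {
  std::string wire;
  for (const auto &h : res.headers) wire += h.first + ": " + h.second + "\r\n";
  std::size_t n = 0;
  for (std::size_t p = wire.find("\r\n"); p != std::string::npos;
       p = wire.find("\r\n", p + 2)) ++n;
  return n;
}
```

In a real handler the same check would sit in front of the library's own `set_header` and `set_redirect` calls, and a rejected value should produce an error response rather than a silently stripped header.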