CWE-93 — CRLF Injection
133 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE.
CVEs classified under CWE-93 (page 1 of 3)
- CVE-2007-0892 | NONE | CVSS 0.0 | EG 0.0 | 2007-02-12
CRLF injection vulnerability in phpMyVisites before 2.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the url parameter, when the pagename parameter begins with "…
- CVE-2014-2017 | MEDIUM | CVSS 6.1 | EG 6.1 | 2018-01-18
CRLF injection vulnerability in OXID eShop Professional Edition before 4.7.11 and 4.8.x before 4.8.4, Enterprise Edition before 5.0.11 and 5.1.x before 5.1.4, and Community Edition before 4.7.11 and 4.8.x before 4.8.4 allows remote attacke…
- CVE-2014-9563 | MEDIUM | CVSS 4.9 | EG 4.9 | 2018-04-12
CRLF injection vulnerability in the web-based management (WBM) interface in Unify (former Siemens) OpenStage SIP and OpenScape Desk Phone IP V3 devices before R3.32.0 allows remote authenticated users to modify the root password and conseq…
- CVE-2016-10803 | HIGH | CVSS 7.5 | EG 7.5 | 2019-08-07
cPanel before 57.9999.105 allows newline injection via LOC records (CPANEL-6923).
- CVE-2016-3115 | MEDIUM | CVSS 6.4 | EG 6.4 | 2016-03-22
Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (…
- CVE-2016-4975 | MEDIUM | CVSS 6.1 | EG 6.1 | 2018-08-14
Possible CRLF injection allowing HTTP response splitting attacks for sites which use mod_userdir. This issue was mitigated by changes made in 2.4.25 and 2.2.32 which prohibit CR or LF injection into the "Location" or other outbound header …
- CVE-2017-15400 | HIGH | CVSS 7.8 | EG 7.8 | 2018-02-07
Insufficient restriction of IPP filters in CUPS in Google Chrome OS prior to 62.0.3202.74 allowed a remote attacker to execute a command with the same privileges as the cups daemon via a crafted PPD file, aka a printer zeroconfig CRLF issu…
- CVE-2017-18587 | MEDIUM | CVSS 5.3 | EG 5.3 | 2019-08-26
An issue was discovered in the hyper crate before 0.9.18 for Rust. It mishandles newlines in headers.
- CVE-2017-7528 | MEDIUM | CVSS 5.2 | EG 6.5 | 2018-08-22
Ansible Tower as shipped with Red Hat CloudForms Management Engine 5 is vulnerable to CRLF Injection. It was found that X-Forwarded-For header allows internal servers to deploy other systems (using callback).
- CVE-2018-1000164 | HIGH | CVSS 7.5 | EG 7.5 | 2018-04-18
gunicorn version 19.4.5 contains a CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers vulnerability in "process_headers" function in "gunicorn/http/wsgi.py" that can result in an attacker causing the server to return arbitr…
- CVE-2018-12477 | LOW | CVSS 3.5 | EG 7.5 | 2018-10-09
An Improper Neutralization of CRLF Sequences vulnerability in Open Build Service allows remote attackers to cause deletion of directories by tricking obs-service-refresh_patches to delete them. Affected releases are openSUSE Open Build Serv…
- CVE-2018-12537 | MEDIUM | CVSS 5.3 | EG 5.3 | 2018-08-14
In Eclipse Vert.x version 3.0 to 3.5.1, the HttpServer response headers and HttpClient request headers do not filter carriage return and line feed characters from the header value. This allows unfiltered values to inject a new header in the…
- CVE-2018-19585 | HIGH | CVSS 7.5 | EG 7.5 | 2019-05-17
GitLab CE/EE versions 8.18 up to 11.x before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1 have CRLF Injection in Project Mirroring when using the Git protocol.
- CVE-2018-6148 | MEDIUM | CVSS 6.5 | EG 6.5 | 2019-06-27
Incorrect implementation in Content Security Policy in Google Chrome prior to 67.0.3396.79 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
- CVE-2019-10272 | MEDIUM | CVSS 6.1 | EG 6.1 | 2019-04-30
An issue was discovered in Weaver e-cology 9.0. There is a CRLF Injection vulnerability via the /workflow/request/ViewRequestForwardSPA.jsp isintervenor parameter, as demonstrated by the %0aSet-cookie: substring.
- CVE-2019-10678 | HIGH | CVSS 7.5 | EG 7.5 | 2019-03-31
Domoticz before 4.10579 neglects to categorize \n and \r as insecure argument options.
- CVE-2019-11236 | MEDIUM | CVSS 6.1 | EG 6.1 | 2019-04-15
In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.
- CVE-2019-15616 | MEDIUM | CVSS 4.3 | EG 4.3 | 2020-02-04
Dangling remote share attempts in Nextcloud 16 allow a DNS pollution when running long.
- CVE-2019-7313 | MEDIUM | CVSS 6.1 | EG 6.1 | 2019-02-03
www/resource.py in Buildbot before 1.8.1 allows CRLF injection in the Location header of /auth/login and /auth/logout via the redirect parameter. This affects other web sites in the same domain.
- CVE-2019-9740 | MEDIUM | CVSS 6.1 | EG 6.1 | 2019-03-13
An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen wi…
- CVE-2019-9741 | MEDIUM | CVSS 6.1 | EG 6.1 | 2019-03-13
An issue was discovered in net/http in Go 1.11.5. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the second argument to http.NewRequest with \r\n followed by an HTTP header or a Redis command.
- CVE-2019-9947 | MEDIUM | CVSS 6.1 | EG 6.1 | 2019-03-23
An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen wi…
- CVE-2020-11078 | MEDIUM | CVSS 6.8 | EG 6.8 | 2020-05-20
In httplib2 before version 0.18.0, an attacker controlling unescaped part of uri for `httplib2.Http.request()` could change request headers and body, send additional hidden requests to same server. This vulnerability impacts software that …
- CVE-2020-15111 | MEDIUM | CVSS 4.2 | EG 4.2 | 2020-07-20
In Fiber before version 1.12.6, the filename that is given in c.Attachment() (https://docs.gofiber.io/ctx#attachment) is not escaped, and therefore vulnerable for a CRLF injection attack. I.e. an attacker could upload a custom filename and…
- CVE-2020-3246 | MEDIUM | CVSS 4.3 | EG 4.3 | 2020-05-06
A vulnerability in the web server of Cisco Umbrella could allow an unauthenticated, remote attacker to perform a carriage return line feed (CRLF) injection attack against a user of an affected service. The vulnerability is due to insuffici…
- CVE-2020-3561 | MEDIUM | CVSS 4.7 | EG 4.7 | 2020-10-21
A vulnerability in the Clientless SSL VPN (WebVPN) of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to inject arbitrary HTTP headers in th…
- CVE-2021-31164 | HIGH | CVSS 7.5 | EG 7.5 | 2021-05-04
Apache Unomi prior to version 1.5.5 allows CRLF log injection because of the lack of escaping in the log statements.
- CVE-2021-39172 | HIGH | CVSS 8.8 | EG 8.8 | 2021-08-27
Cachet is an open source status page system. Prior to version 2.5.1, authenticated users, regardless of their privileges (User or Admin), can exploit a new line injection in the configuration edition feature (e.g. mail settings) and gain a…
- CVE-2021-4097 | MEDIUM | CVSS 5.4 | EG 6.3 | 2021-12-12
phpservermon is vulnerable to Improper Neutralization of CRLF Sequences
- CVE-2022-0666 | HIGH | CVSS 7.5 | EG 7.5 | 2022-02-18
CRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microweber.org/ in Packagist microweber/microweber prior to 1.2.11.
- CVE-2022-31014 | MEDIUM | CVSS 5.4 | EG 5.4 | 2022-07-05
Nextcloud server is an open source personal cloud server. Affected versions were found to be vulnerable to SMTP command injection. The impact varies based on which commands are supported by the backend SMTP server. However, the main risk h…
- CVE-2022-31150 | MEDIUM | CVSS 5.3 | EG 5.3 | 2022-07-19
undici is an HTTP/1.1 client, written from scratch for Node.js. It is possible to inject CRLF sequences into request headers in undici in versions less than 5.7.1. A fix was released in version 5.8.0. Sanitizing all HTTP headers from untru…
- CVE-2022-35948 | MEDIUM | CVSS 5.3 | EG 5.3 | 2022-08-15
undici is an HTTP/1.1 client, written from scratch for Node.js. `=< undici@5.8.0` users are vulnerable to _CRLF Injection_ on headers when using unsanitized input as request headers, more specifically, inside the `content-type` header. Exam…
- CVE-2022-50682 | MEDIUM | CVSS 6.5 | EG 6.5 | 2025-12-18
A CRLF injection vulnerability in Kentico Xperience allows attackers to manipulate URL query string redirects via improper encoding in the routing engine. This could enable header injection and potentially facilitate further web applicatio…
- CVE-2023-0040 | HIGH | CVSS 7.5 | EG 7.5 | 2023-01-18
Versions of Async HTTP Client prior to 1.13.2 are vulnerable to a form of targeted request manipulation called CRLF injection. This vulnerability was the result of insufficient validation of HTTP header field values before sending them to …
- CVE-2023-23936 | MEDIUM | CVSS 6.5 | EG 6.5 | 2023-02-16
Undici is an HTTP/1.1 client for Node.js. Starting with version 2.0.0 and prior to version 5.19.1, the undici library does not protect `host` HTTP header from CRLF injection vulnerabilities. This issue is patched in Undici v5.19.1. As a wo…
- CVE-2023-26130 | HIGH | CVSS 7.5 | EG 7.5 | 2023-05-30
Versions of the package yhirose/cpp-httplib before 0.12.4 are vulnerable to CRLF Injection when untrusted user input is used to set the content-type header in the HTTP .Patch, .Post, .Put and .Delete requests. This can lead to logical erro…
- CVE-2023-26138 | MEDIUM | CVSS 5.4 | EG 5.4 | 2023-07-06
All versions of the package drogonframework/drogon are vulnerable to CRLF Injection when untrusted user input is used to set request headers in the addHeader function. An attacker can add the \r\n (carriage return line feeds) characters an…
- CVE-2023-26148 | MEDIUM | CVSS 5.4 | EG 5.4 | 2023-09-29
All versions of the package ithewei/libhv are vulnerable to CRLF Injection when untrusted user input is used to set request headers. An attacker can add the \r\n (carriage return line feeds) characters and inject additional headers in the …
- CVE-2023-34472 | MEDIUM | CVSS 5.7 | EG 5.7 | 2023-07-05
AMI SPx contains a vulnerability in the BMC where an Attacker may cause an improper neutralization of CRLF sequences in HTTP Headers. A successful exploit of this vulnerability may lead to a loss of integrity.
- CVE-2023-38551 | HIGH | CVSS 8.2 | EG 8.2 | 2024-05-31
A CRLF Injection vulnerability in Ivanti Connect Secure (9.x, 22.x) allows an authenticated high-privileged user to inject malicious code on a victim’s browser, thereby leading to cross-site scripting attack.
- CVE-2023-4767 | MEDIUM | CVSS 6.1 | EG 6.1 | 2023-11-03
A CRLF injection vulnerability has been found in ManageEngine Desktop Central affecting version 9.1.0. This vulnerability could allow a remote attacker to inject arbitrary HTTP headers and perform HTTP response splitting attacks via the fi…
- CVE-2023-4768 | MEDIUM | CVSS 6.1 | EG 6.1 | 2023-11-03
A CRLF injection vulnerability has been found in ManageEngine Desktop Central affecting version 9.1.0. This vulnerability could allow a remote attacker to inject arbitrary HTTP headers and perform HTTP response splitting attacks via the fi…
- CVE-2023-49082 | MEDIUM | CVSS 5.3 | EG 5.3 | 2023-11-29
aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. Improper validation makes it possible for an attacker to modify the HTTP request (e.g. insert a new header) or even create a new HTTP request if the attacker c…
- CVE-2024-1226 | HIGH | CVSS 7.5 | EG 7.5 | 2024-03-12
The software does not neutralize or incorrectly neutralizes certain characters before the data is included in outgoing HTTP headers. The inclusion of invalidated data in an HTTP header allows an attacker to specify the full HTTP response r…
- CVE-2024-20337 | HIGH | CVSS 8.2 | EG 8.2 | 2024-03-06
A vulnerability in the SAML authentication process of Cisco Secure Client could allow an unauthenticated, remote attacker to conduct a carriage return line feed (CRLF) injection attack against a user. This vulnerability is due to insuf…
- CVE-2024-32986 | CRITICAL | CVSS 9.6 | EG 9.6 | 2024-05-03
PWAsForFirefox is a tool to install, manage and use Progressive Web Apps (PWAs) in Mozilla Firefox. Due to improper sanitization of web app properties (such as name, description, shortcuts), web apps were able to inject additional lines in…
- CVE-2024-36459 | HIGH | CVSS 8.4 | EG 0.0 | 2024-06-14
A CRLF cross-site scripting vulnerability has been identified in certain configurations of the SiteMinder Web Agent for IIS Web Server and SiteMinder Web Agent for Domino Web Server. As a result, an attacker can execute arbitrary Javascrip…
- CVE-2024-40324 | MEDIUM | CVSS 5.4 | EG 9.8 | 2024-07-25
A CRLF injection vulnerability in E-Staff v5.1 allows attackers to insert Carriage Return (CR) and Line Feed (LF) characters into input fields, leading to HTTP response splitting and header manipulation.
- CVE-2024-45302 | MEDIUM | CVSS 6.1 | EG 6.1 | 2024-08-29
RestSharp is a Simple REST and HTTP API Client for .NET. The second argument to `RestRequest.AddHeader` (the header value) is vulnerable to CRLF injection. The same applies to `RestRequest.AddOrUpdateHeader` and `RestClient.AddDefaultHeade…