CWE-113
Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')
The product receives data from an HTTP agent/component (e.g., web server, proxy, browser, etc.), but it does not neutralize or incorrectly neutralizes CR and LF characters before the data is included in outgoing HTTP headers.
73 vulnerabilities with CWE-113
CVE-2026-27810
MEDIUM
calibre <9.4.0 - HTTP Response Header Injection
CVSS 6.4
CVE-2026-24320
LOW
SAP NetWeaver - Memory Corruption
CVSS 3.1
CVE-2026-23686
LOW
SAP NetWeaver Application Server Java - CRLF Injection
CVSS 3.4
CVE-2026-24489
MEDIUM
Gakido <0.1.1 - Command Injection
CVSS 5.3
CVE-2026-22779
MEDIUM
BlackSheep <2.4.6 - CRLF Injection
CVSS 5.3
CVE-2025-59151
HIGH
Pi-hole Web Interface < 6.3 - XSS
CVSS 8.2
CVE-2025-61689
HTTP.jl <1.10.19 - CRLF-based Header Injection
CVE-2025-40927
HIGH
CGI::Simple <1.282 - XSS
CVSS 7.3
CVE-2025-42934
MEDIUM
SAP S/4HANA - CRLF Injection
CVSS 4.3
CVE-2025-53094
ESPAsyncWebServer <3.7.8 - CRLF Injection
CVE-2025-53007
Arduino-esp32 <3.3.0-RC1, <3.2.1 - SSRF
CVE-2025-52479
HTTP.jl <1.10.17 & URIs.jl <1.6.0 - CRLF Injection
CVE-2025-41234
MEDIUM
Spring Framework <6.0.5, 6.1.x, 6.2.x - RFD
CVSS 6.5
CVE-2025-30221
MEDIUM
Pitchfork <0.11.0 - HTTP Response Header Injection
CVSS 4.3
CVE-2025-0588
MEDIUM
Octopus Server - DoS
CVSS 4.9
CVE-2025-0825
MEDIUM
Yhirose Cpp-httplib < 0.18.4 - XSS
CVSS 5.3
CVE-2024-52875
HIGH
GFI Kerio Control < 9.4.5 - XSS
CVSS 8.8
CVE-2024-45687
Payara Platform <6.21.0 - HTTP Request/Response Splitting
CVE-2024-54021
MEDIUM
Fortinet FortiOS <7.6.0 - SSRF
CVSS 6.5
CVE-2024-42487
MEDIUM
Cilium <1.15.8-1.16.1 - Info Disclosure
CVSS 4.0
CVE-2024-40324
MEDIUM
E-Staff <5.1 - HTTP Response Splitting
CVSS 5.4
CVE-2024-20392
MEDIUM
Cisco AsyncOS Software - XSS
CVSS 6.1
CVE-2024-24795
MEDIUM
Apache HTTP Server <2.4.59 - SSRF
CVSS 6.3
CVE-2024-23644
MEDIUM
Trillium < 0.5.4 - Interpretation Conflict
CVSS 6.8
CVE-2023-48256
MEDIUM
Bosch Nexo-os < 1500-sp2 - Interpretation Conflict
CVSS 5.3