CWE-93
Improper Neutralization of CRLF Sequences ('CRLF Injection')
The product uses CRLF (carriage return line feeds) as a special element, e.g. to separate lines or records, but it does not neutralize or incorrectly neutralizes CRLF sequences from inputs.
135 vulnerabilities with CWE-93
CVE-2019-15616
MEDIUM
Nextcloud 16 - SSRF
CVSS 4.3
CVE-2019-10272
MEDIUM
Weaver e-cology 9.0 - CRLF Injection
CVSS 6.1
CVE-2019-11236
MEDIUM
urllib3 <1.24.1 - CRLF Injection
CVSS 6.1
CVE-2019-10678
HIGH
Domoticz <4.10579 - Info Disclosure
CVSS 7.5
CVE-2019-9947
MEDIUM
Python 2.x-2.7.16 & Python 3.x-3.7.3 - CRLF Injection
CVSS 6.1
CVE-2019-9741
MEDIUM
Go 1.11.5 - CRLF Injection
CVSS 6.1
CVE-2019-9740
MEDIUM
Python 2.x-3.7.3 - CRLF Injection
CVSS 6.1
CVE-2019-7313
MEDIUM
Buildbot <1.8.1 - CRLF Injection
CVSS 6.1
CVE-2018-6148
MEDIUM
Google Chrome <67.0.3396.79 - CSRF
CVSS 6.5
CVE-2018-19585
HIGH
GitLab CE/EE <11.3.11-11.5.1 - CRLF Injection
CVSS 7.5
CVE-2018-12477
LOW
Open Build Service <d6244245dda5367767efc989446fe4b5e4609cce - Info...
CVSS 3.5
CVE-2018-12537
MEDIUM
Eclipse Vert.x <3.5.1 - Code Injection
CVSS 5.3
CVE-2018-1000164
HIGH
Gunicorn <19.5.0 - CRLF Injection
CVSS 7.5
CVE-2017-18587
MEDIUM
hyper <0.9.18 - Info Disclosure
CVSS 5.3
CVE-2017-7528
MEDIUM
Ansible Tower - CRLF Injection
CVSS 5.2
CVE-2017-15400
HIGH
CUPS <62.0.3202.74 - Command Injection
CVSS 7.8
CVE-2017-14037
MEDIUM
CrushFTP <7.8.0, <8.2.0 - Info Disclosure
CVSS 6.1
CVE-2017-5868
MEDIUM
OpenVPN Access Server 2.1.4 - CRLF Injection
CVSS 6.1
CVE-2017-8791
MEDIUM
Accellion FTA <FTA_9_12_180 - Auth Bypass
CVSS 6.1
CVE-2017-8788
MEDIUM
Accellion FTA <FTA_9_12_180 - Info Disclosure
CVSS 6.1
CVE-2017-2111
MEDIUM
TS-* - Info Disclosure
CVSS 6.1
CVE-2017-6508
MEDIUM
Wget <1.19.1 - CRLF Injection
CVSS 6.1
CVE-2016-10803
HIGH
cPanel <57.9999.105 - Info Disclosure
CVSS 7.5
CVE-2016-4975
MEDIUM
Apache HTTP Server <2.4.24, <2.2.32 - CRLF Injection
CVSS 6.1
CVE-2016-6484
MEDIUM
Infoblox Network Automation <7.1.1 - CRLF Injection
CVSS 6.1
Details
Vulnerabilities
135