VYPR

CWE-93

Improper Neutralization of CRLF Sequences ('CRLF Injection')

Base · Draft

Description

The product uses CRLF (carriage return line feeds) as a special element, e.g. to separate lines or records, but it does not neutralize or incorrectly neutralizes CRLF sequences from inputs.

Related attack patterns (CAPEC)

CAPEC-15 · CAPEC-81

CVEs mapped to this weakness (143)

page 3 of 8
  • CVE-2026-41570 · High · May 8, 2026
    risk 0.44 · CVSS 7.8 · EPSS 0.00

    PHPUnit is a testing framework for PHP. In versions 12.5.21 and 13.1.5, PHPUnit forwards PHP INI settings to child processes (used for isolated/PHPT test execution) as -d name=value command-line arguments without neutralizing INI metacharacters. Because PHP's INI parser…

  • CVE-2025-52479 · High · Jun 25, 2025
    risk 0.43 · CVSS n/a · EPSS 0.00

    HTTP.jl provides HTTP client and server functionality for Julia, and URIs.jl parses and works with Uniform Resource Identifiers (URIs). URIs.jl prior to version 1.6.0 and HTTP.jl prior to version 1.10.17 allow the construction of URIs containing CR/LF characters. If user input…

  • CVE-2014-2017 · Medium · Jan 18, 2018
    risk 0.43 · CVSS 6.1 · EPSS 0.02

    CRLF injection vulnerability in OXID eShop Professional Edition before 4.7.11 and 4.8.x before 4.8.4, Enterprise Edition before 5.0.11 and 5.1.x before 5.1.4, and Community Edition before 4.7.11 and 4.8.x before 4.8.4 allows remote attackers to inject arbitrary HTTP headers and…

  • CVE-2026-12143 · High · Jun 12, 2026
    risk 0.42 · CVSS 7.5 · EPSS 0.00

    form-data is a library for creating readable multipart/form-data streams. In versions through 4.0.5, the `field` argument to `FormData#append` and the `filename` option are concatenated verbatim into the `Content-Disposition` header without escaping carriage return (CR), line…

  • CVE-2026-50639 · Medium · Jun 10, 2026
    risk 0.42 · CVSS 6.5 · EPSS 0.00

    Metrics::Any::Adapter::SignalFx versions before 0.04 for Perl do not protect against metric injections. The statsd protocol (and extensions such as dogstatsd) allow multiple metrics, separated by newlines, to be sent per packet. Metrics::Any::Adapter::SignalFx which extends…

  • CVE-2026-8722 · Medium · Jun 4, 2026
    risk 0.42 · CVSS 6.5 · EPSS 0.00

    Net::Async::Statsd::Client versions through 0.005 for Perl allow metric injections. The metric names are not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics.

  • CVE-2026-47075 · High · May 25, 2026
    risk 0.42 · CVSS 7.5 · EPSS 0.00

    Improper Neutralization of CRLF Sequences vulnerability in benoitc hackney allows HTTP Request Splitting. hackney does not percent-encode carriage return (\r) or line feed (\n) characters in the URL query component before constructing the HTTP/1.1 request target. Characters…

  • CVE-2026-47072 · High · May 25, 2026
    risk 0.42 · CVSS 7.5 · EPSS 0.01

    Improper Neutralization of CRLF Sequences ('CRLF Injection') vulnerability in benoitc hackney allows HTTP Request/Response Splitting. The WebSocket upgrade code in src/hackney_ws.erl copies the host, path, headers (ExtraHeaders), and protocols options from the caller-supplied…

  • CVE-2026-32964 · Medium · Apr 20, 2026
    risk 0.42 · CVSS 6.5 · EPSS 0.00

    SD-330AC and AMC Manager provided by silex technology, Inc. contain an improper neutralization of CRLF sequences ('CRLF Injection') vulnerability. Processing some crafted configuration data may lead to arbitrary entries being injected into the system configuration.

  • CVE-2025-56007 · Medium · Oct 23, 2025
    risk 0.42 · CVSS 6.5 · EPSS 0.00

    CRLF injection in KeeneticOS before 4.3 at the "/auth" API endpoint allows attackers to take over the device by adding additional users with full permissions, by getting the victim to open a page with the exploit.

  • CVE-2016-4975 · Medium · Aug 14, 2018
    risk 0.41 · CVSS 6.1 · EPSS 0.20

    Possible CRLF injection allowing HTTP response splitting attacks for sites which use mod_userdir. This issue was mitigated by changes made in 2.4.25 and 2.2.32 which prohibit CR or LF injection into the "Location" or other outbound header key or value. Fixed in Apache HTTP…

  • CVE-2026-8788 · High · May 18, 2026
    risk 0.40 · CVSS 7.3 · EPSS 0.00

    Net::Statsd::Lite versions through 0.10.0 for Perl allowed metric injections. The values from the set_add method were not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics. Note that version 0.9.0 fixed a…

  • CVE-2017-14037 · Medium · Aug 30, 2017
    risk 0.40 · CVSS 6.1 · EPSS 0.01

    CrushFTP before 7.8.0 and 8.x before 8.2.0 has an HTTP header vulnerability.

  • CVE-2014-9564 · Medium · Aug 25, 2017
    risk 0.40 · CVSS 6.1 · EPSS 0.01

    CRLF injection vulnerability in IBM Flex System EN6131 40Gb Ethernet and IB6131 40Gb Infiniband Switch firmware before 3.4.1110 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks and resulting web cache poisoning or cross-site…

  • CVE-2017-5868 · Medium · May 26, 2017
    risk 0.40 · CVSS 6.1 · EPSS 0.05

    CRLF injection vulnerability in the web interface in OpenVPN Access Server 2.1.4 allows remote attackers to inject arbitrary HTTP headers and consequently conduct session fixation attacks and possibly HTTP response splitting attacks via "%0A" characters in the PATH_INFO to…

  • CVE-2017-8791 · Medium · May 5, 2017
    risk 0.40 · CVSS 6.1 · EPSS 0.01

    An issue was discovered on Accellion FTA devices before FTA_9_12_180. There is a home/seos/courier/login.html auth_params CRLF attack vector.

  • CVE-2017-8788 · Medium · May 5, 2017
    risk 0.40 · CVSS 6.1 · EPSS 0.01

    An issue was discovered on Accellion FTA devices before FTA_9_12_180. There is a CRLF vulnerability in settings_global_text_edit.php allowing ?display=x%0Dnewline attacks.

  • CVE-2017-2111 · Medium · Apr 28, 2017
    risk 0.40 · CVSS 6.1 · EPSS 0.01

    HTTP header injection vulnerability in TS-WPTCAM firmware version 1.18 and earlier, TS-WPTCAM2 firmware version 1.00, TS-WLCE firmware version 1.18 and earlier, TS-WLC2 firmware version 1.18 and earlier, TS-WRLC firmware version 1.17 and earlier, TS-PTCAM firmware version 1.18…

  • CVE-2017-6508 · Medium · Mar 7, 2017
    risk 0.40 · CVSS 6.1 · EPSS 0.03

    CRLF injection vulnerability in the url_parse function in url.c in Wget through 1.19.1 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in the host subcomponent of a URL.

  • CVE-2016-6484 · Medium · Jan 23, 2017
    risk 0.40 · CVSS 6.1 · EPSS 0.02

    CRLF injection vulnerability in Infoblox Network Automation NetMRI before 7.1.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the contentType parameter in a login action to config/userAdmin/login.tdf.