CRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microwebe…

Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remo…

A vulnerability in the SAML authentication process of Cisco Secure Client could allow an unauth…

Cachet is an open source status page system. Prior to version 2.5.1, authenticated users, regar…

Possible CRLF injection allowing HTTP response splitting attacks for sites which use mod_userdi…

Domoticz before 4.10579 neglects to categorize \n and \r as insecure argument options.

GitLab CE/EE versions 8.18 up to 11.x before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 1…

An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x throug…

An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x throug…

CRLF injection vulnerability in the web interface in OpenVPN Access Server 2.1.4 allows remote …

Net::SMTP in Ruby before 2.4.0 is vulnerable to SMTP command injection via CRLF sequences in a …

The mail gem before 2.5.5 for Ruby (aka A Really Ruby Mail Library) is vulnerable to SMTP comma…

CRLF injection vulnerability in the url_parse function in url.c in Wget through 1.19.1 allows r…

A CRLF injection vulnerability has been found in ManageEngine Desktop Central affecting version…

A CRLF injection vulnerability has been found in ManageEngine Desktop Central affecting version…

In httplib2 before version 0.18.0, an attacker controlling unescaped part of uri for `httplib2.…

CRLF injection vulnerability in the Undertow web server in WildFly 10.0.0, as used in Red Hat J…

In Eclipse Vert.x version 3.0 to 3.5.1, the HttpServer response headers and HttpClient request …

CRLF injection vulnerability in OXID eShop Professional Edition before 4.7.11 and 4.8.x before …

gunicorn version 19.4.5 contains a CWE-113: Improper Neutralization of CRLF Sequences in HTTP H…

An issue was discovered in net/http in Go 1.11.5. CRLF injection is possible if the attacker co…

Apache Unomi prior to version 1.5.5 allows CRLF log injection because of the lack of escaping i…

In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker co…

basic-ftp is an FTP client for Node.js. Prior to 5.2.1, basic-ftp allows FTP command injection …

CRLF injection vulnerability in VMware vCenter Server 6.0 before U2 and ESXi 6.0 allows remote …

CRLF injection vulnerability in Infoblox Network Automation NetMRI before 7.1.1 allows remote a…

redirect() in bottle.py in bottle 0.12.10 doesn't filter a "\r\n" sequence, which leads to a CR…

Netty is an asynchronous, event-driven network application framework. In versions prior to 4.1.…

h2 is a pure-Python implementation of a HTTP/2 protocol stack. Prior to version 4.3.0, an HTTP/…

Mailpit is an email testing tool and API for developers. Prior to version 1.28.3, Mailpit's SMT…

CRLF injection vulnerability in phpMyVisites before 2.2 allows remote attackers to inject arbit…

A vulnerability in the Clientless SSL VPN (WebVPN) of Cisco Adaptive Security Appliance (ASA) S…

undici is an HTTP/1.1 client, written from scratch for Node.js.`=< undici@5.8.0` users are vuln…

CRLF injection vulnerability in the web-based management (WBM) interface in Unify (former Sieme…

HTTP header injection vulnerability in TS-WPTCAM firmware version 1.18 and earlier, TS-WPTCAM2 …

A Improper Neutralization of CRLF Sequences vulnerability in Open Build Service allows remote a…

Versions of the package yhirose/cpp-httplib before 0.12.4 are vulnerable to CRLF Injection when…

CRLF injection vulnerability in IBM Flex System EN6131 40Gb Ethernet and IB6131 40Gb Infiniband…

Undici is an HTTP/1.1 client for Node.js. Starting with version 2.0.0 and prior to version 5.19…

undici is an HTTP/1.1 client, written from scratch for Node.js. It is possible to inject CRLF s…