Search Vulnerabilities

HTTP response splitting and DoS in i18next-http-middleware via unsanitised Content-Language header

Apache Thrift: Node.js web_server.js multi-vulnerability

Axios: Header Injection via Prototype Pollution

Serendipity: Host Header Injection leads to SMTP header injection via unvalidated HTTP_HOST

Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain

Electron: HTTP Response Header Injection in custom protocol handlers and webRequest

ewe Has Improper Neutralization of CRLF Sequences in HTTP Headers (HTTP Request/Response Splitting)

AIOHTTP: C parser (llhttp) accepts null bytes and control characters in response header values - header injection / security bypass

AIOHTTP: HTTP response splitting via \r in reason phrase

AIOHTTP: CRLF injection in multipart part content type header construction

HCL Aftermarket DPC is affected by HTTP Response Splitting vulnerability

calibre Vulnerable to HTTP Response Header Injection

Memory Corruption vulnerability in SAP NetWeaver and ABAP Platform (Application Server ABAP)

CRLF Injection vulnerability in SAP NetWeaver Application Server Java

Gakido vulnerable to HTTP Header Injection (CRLF Injection)

BlackSheep ClientSession is vulnerable to CRLF injection

Pi-hole Admin Interface vulnerable to HTTP response header injection via CRLF injection

HTTP.jl vulnerable to Header injection/Response splitting via header construction.

CGI::Simple versions 1.281 and earlier for Perl has a HTTP response splitting flaw

CRLF Injection vulnerability in SAP S/4HANA (Supplier invoice)