Vulnerabilities > Improper Neutralization of CRLF Sequences ('CRLF Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-29 | CVE-2023-49082 | CRLF Injection vulnerability in Aiohttp aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. | 5.3 |
| 2023-11-03 | CVE-2023-4768 | CRLF Injection vulnerability in Zohocorp Manageengine Desktop Central 9.1.0 A CRLF injection vulnerability has been found in ManageEngine Desktop Central affecting version 9.1.0. | 6.1 |
| 2022-08-15 | CVE-2022-35948 | CRLF Injection vulnerability in Nodejs Undici undici is an HTTP/1.1 client, written from scratch for Node.js.`=< [email protected]` users are vulnerable to _CRLF Injection_ on headers when using unsanitized input as request headers, more specifically, inside the `content-type` header. | 5.3 |
| 2022-07-19 | CVE-2022-31150 | CRLF Injection vulnerability in Nodejs Undici undici is an HTTP/1.1 client, written from scratch for Node.js. | 6.5 |
| 2022-02-18 | CVE-2022-0666 | CRLF Injection vulnerability in Microweber CRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microweber.org/ in Packagist microweber/microweber prior to 1.2.11. | 5.0 |
| 2021-12-12 | CVE-2021-4097 | CRLF Injection vulnerability in PHPservermonitor PHP Server Monitor phpservermon is vulnerable to Improper Neutralization of CRLF Sequences | 5.8 |
| 2021-08-27 | CVE-2021-39172 | CRLF Injection vulnerability in Catchethq Catchet Cachet is an open source status page system. | 8.8 |
| 2020-05-20 | CVE-2020-11078 | CRLF Injection vulnerability in multiple products In httplib2 before version 0.18.0, an attacker controlling unescaped part of uri for `httplib2.Http.request()` could change request headers and body, send additional hidden requests to same server. | 6.8 |
| 2019-08-26 | CVE-2017-18587 | CRLF Injection vulnerability in Hyper An issue was discovered in the hyper crate before 0.9.18 for Rust. | 5.0 |
| 2019-08-07 | CVE-2016-10803 | CRLF Injection vulnerability in Cpanel cPanel before 57.9999.105 allows newline injection via LOC records (CPANEL-6923). | 5.0 |