CWE-113 HTTP头部中CRLF序列转义处理不恰当(HTTP响应分割) 类弱点 55 条 CVE 漏洞汇总,含 AI 中文分析。
| CVE ID | 标题 | CVSS | 风险等级 | 发布日期 |
|---|---|---|---|---|
| CVE-2026-42035 | Axios 原型污染致Header注入漏洞 — axios | 7.4 | High | 2026-04-24 |
| CVE-2026-39971 | Serendipity 安全漏洞 — Serendipity | 7.2 | High | 2026-04-14 |
| CVE-2026-40175 | Axios 代码问题漏洞 — axios | 4.8 | Medium | 2026-04-10 |
| CVE-2026-34715 | ewe 注入漏洞 — ewe | 5.3 | Medium | 2026-04-02 |
| CVE-2026-34520 | aiohttp 注入漏洞 — aiohttp | 9.1 | - | 2026-04-01 |
| CVE-2026-34519 | aiohttp 注入漏洞 — aiohttp | 6.5 | - | 2026-04-01 |
| CVE-2026-34514 | aiohttp 注入漏洞 — aiohttp | 6.5 | - | 2026-04-01 |
| CVE-2025-55271 | HCL Aftermarket DPC 安全漏洞 — Aftermarket DPC | 3.1 | Low | 2026-03-26 |
| CVE-2026-27810 | Calibre 注入漏洞 — calibre | 6.4 | Medium | 2026-02-27 |
| CVE-2026-24320 | SAP NetWeaver和SAP ABAP Platform 注入漏洞 — SAP NetWeaver and ABAP Platform (Application Server ABAP) | 3.1 | Low | 2026-02-10 |
| CVE-2026-23686 | SAP NetWeaver Application Server Java 注入漏洞 — SAP NetWeaver Application Server Java | 3.4 | Low | 2026-02-10 |
| CVE-2026-22779 | BlackSheep 注入漏洞 — BlackSheep | 4.3AI | MediumAI | 2026-01-14 |
| CVE-2025-61689 | Julia HTTP.jl 注入漏洞 — HTTP.jl | 6.3AI | MediumAI | 2025-10-10 |
| CVE-2025-40927 | MetaCPAN CGI::Simple 安全漏洞 — CGI::Simple | 6.1 | - | 2025-08-29 |
| CVE-2025-42934 | SAP S/4HANA 注入漏洞 — SAP S/4HANA (Supplier invoice) | 4.3 | Medium | 2025-08-12 |
| CVE-2025-53007 | arduino-esp32 注入漏洞 — arduino-esp32 | 7.5AI | HighAI | 2025-06-26 |
| CVE-2025-41234 | VMware Spring Framework 安全漏洞 — Spring Framework | 6.5 | Medium | 2025-06-12 |
| CVE-2025-30221 | Shopify Pitchfork 注入漏洞 — pitchfork | 5.4AI | MediumAI | 2025-03-27 |
| CVE-2025-0825 | cpp-httplib 安全漏洞 | 6.1 | - | 2025-02-04 |
| CVE-2024-52875 | GFI Kerio Control 安全漏洞 — Kerio Control | 8.8 | High | 2025-01-31 |
| CVE-2024-45687 | Payara Server和Payara Micro 注入漏洞 — Payara Server | 6.5 | - | 2025-01-21 |
| CVE-2024-54021 | Fortinet FortiOS和Fortinet FortiProxy 注入漏洞 — FortiOS | 6.4 | Medium | 2025-01-14 |
| CVE-2024-42487 | Cilium 安全漏洞 — cilium | 4.0 | Medium | 2024-08-15 |
| CVE-2024-20392 | Cisco AsyncOS 安全漏洞 — Cisco Secure Email | 6.1 | Medium | 2024-05-15 |
| CVE-2024-24795 | Apache HTTP Server 安全漏洞 — Apache HTTP Server | 9.1 | - | 2024-04-04 |
| CVE-2024-23644 | Trillium 注入漏洞 — trillium | 6.8 | Medium | 2024-01-24 |
| CVE-2023-48256 | Bosch Nexo cordless nutrunner 安全漏洞 — Nexo cordless nutrunner NXA015S-36V (0608842001) | 5.3 | Medium | 2024-01-10 |
| CVE-2023-26147 | libhv 跨站脚本漏洞 — ithewei/libhv | 5.3 | Medium | 2023-09-29 |
| CVE-2023-41834 | Apache Flink 注入漏洞 — Apache Flink Stateful Functions | 5.4 | - | 2023-09-19 |
| CVE-2023-26142 | Crow 注入漏洞 — Crow | 6.5 | Medium | 2023-09-12 |
CWE-113(HTTP头部中CRLF序列转义处理不恰当(HTTP响应分割)) 是常见的弱点类别,本平台收录该类弱点关联的 55 条 CVE 漏洞。