CWE-443: DEPRECATED: HTTP response splitting

This weakness can be found at CWE-113.

Recorded CVEs

With this primary weakness

KEVs

In the CISA KEV catalog

Not rated

Likelihood of exploit

Per MITRE

Base

Abstraction

MITRE classification

Overview

CWE-443 (DEPRECATED: HTTP response splitting) is a base-level software weakness catalogued by MITRE in the Common Weakness Enumeration (CWE). It describes a recurring type of mistake that can lead to exploitable security vulnerabilities.

Real-world CVEs

1 recorded CVEs are caused by CWE-443 (DEPRECATED: HTTP response splitting). The highest-severity and most recent are shown first. 1 new CWE-443 CVE has been recorded so far in 2026.

CWE-443: DEPRECATED: HTTP response splitting

Overview

Real-world CVEs

Frequently asked questions

What is CWE-443?

What CVEs are caused by CWE-443?

Is CWE-443 actively exploited?

References

Stay ahead of CWE-443