diff --git a/vulnerabilities/crlf-injection.yaml b/vulnerabilities/crlf-injection.yaml
index d874d91370..da81c3e564 100644
--- a/vulnerabilities/crlf-injection.yaml
+++ b/vulnerabilities/crlf-injection.yaml
@@ -13,5 +13,5 @@ requests:
 matchers:
 - type: regex
 regex:
- - '(?m)^(?:Set-Cookie\s*?:(?:\s*?|.*?;\s*?))(crlfinjection=crlfinjection)'
+ - '(?m)^(?:Set-Cookie\s*?:(?:\s*?|.*?;\s*?))(crlfinjection=crlfinjection)(?:\s*?)(?:$|;)'
 part: header
diff --git a/vulnerabilities/open-redirect.yaml b/vulnerabilities/open-redirect.yaml
index 1cdef8498b..e7f7e3c6ec 100644
--- a/vulnerabilities/open-redirect.yaml
+++ b/vulnerabilities/open-redirect.yaml
@@ -16,5 +16,5 @@ requests:
 matchers:
 - type: regex
 regex:
- - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?evil\.com'
+ - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?evil\.com(?:\s*?)$'
 part: header
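Review bot: The second branch of the group after `Set-Cookie\s*?:`, `.*?;\s*?`, still lets the marker match as a later attribute of a Set-Cookie line the server built itself, which shows input reflected into a cookie rather than a new header line created through CR/LF. The added tail `(?:\s*?)(?:$|;)` tightens the end of the match but leaves that path open. The request payloads sit outside this hunk, so if none of them places other cookie pairs before the marker, the branch can go: `- '(?m)^(?:Set-Cookie\s*?:\s*?)(crlfinjection=crlfinjection)(?:\s*?)(?:$|;)'`. Otherwise a comment above the pattern should name the response shape that needs it.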
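Review bot: The new `(?:\s*?)$` tail in open-redirect.yaml requires the Location value to end directly after `evil.com`, so a redirect the server normalises to `https://evil.com/`, or one that keeps a path or query, no longer matches and the finding is silently missed. The anchor does reject look-alike hosts such as `evil.com.example.org`, and that can be kept while still allowing a path, query or fragment: `- '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?evil\.com(?:[/?#]\S*)?(?:\s*?)$'`. Separately, the scheme group is optional, so a relative `Location: evil.com` that stays on the tested host would also count as a hit. Whether the payloads make that reachable is not visible in this hunk.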