CVE-2026-41417 | Netty up to 4.1.132.Final/4.2.12.Final HTTP Request setUri crlf injection (GHSA-v8h7-rr48-vmmv)

Inserito da Angelo Barbosa | Mag 7, 2026 | CVE

A vulnerability was found in Netty up to 4.1.132.Final/4.2.12.Final. It has been classified as problematic. This affects the function setUri of the component HTTP Request Handler. Performing a manipulation results in crlf injection.

This vulnerability is reported as CVE-2026-41417. The attack is possible to be carried out remotely. No exploit exists.

Upgrading the affected component is recommended.

CVE-2026-41417 | Netty up to 4.1.132.Final/4.2.12.Final HTTP Request setUri crlf injection (GHSA-v8h7-rr48-vmmv)

Post correlati

CVE-2024-5404 | ifm moneo appliance QVA200 up to 1.13 password recovery (VDE-2024-028)

CVE-2025-21028 | Samsung Devices ThemeManager privileges management

CVE-2024-4361 | SiteOrigin Page Builder Plugin up to 2.29.15 on WordPress Shortcode siteorigin_widget cross site scripting

CVE-2024-6446 | GitLab up to 17.1.6/17.2.4/17.3.1 URL logic error (Issue 470144)