CVE-2025-67735 | Netty up to 4.1.129.Final/4.2.8.Final io.netty.handler.codec.http.HttpRequestEncoder crlf injection (GHSA-84h7-rjj3-6jx4)

A vulnerability marked as problematic has been reported in Netty up to 4.1.129.Final/4.2.8.Final. The impacted element is the function io.netty.handler.codec.http.HttpRequestEncoder. Performing manipulation results in crlf injection.

This vulnerability is known as CVE-2025-67735. Remote exploitation of the attack is possible. No exploit is available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More