Request Smuggling Vulnerability in Netty Framework
CVE-2025-58056

8.2 HIGH

Key Information:

Vendor

Netty

Status
Vendor
CVE Published:
3 September 2025

What is CVE-2025-58056?

Netty accepts a standalone line feed (LF) as the terminator of a chunk-size line. In affected versions this misinterpretation can lead to request smuggling when Netty is used together with a reverse proxy: because the proxy and Netty frame the message differently, a single malicious request may be seen by the Netty server as two separate requests. The issue is resolved in versions 4.1.125.Final and 4.2.5.Final, which bring the handling into compliance with the HTTP/1.1 standards.
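The framing rule at issue, as an added example (not Netty's code and not part of the original advisory): a strict decoder for a chunked body that rejects a bare LF after the chunk size instead of treating it as a line terminator. The names `decode_chunked_strict`, `is_strictly_framed` and `ChunkFramingError` are hypothetical, both sample bodies are constructed, and trailer fields are assumed absent.

```python
HEX = b"0123456789abcdefABCDEF"

class ChunkFramingError(ValueError):
    """A chunked body that does not follow strict CRLF framing."""

def decode_chunked_strict(body: bytes) -> tuple[bytes, int]:
    """Return (payload, end_offset); raise ChunkFramingError on a bare LF or CR."""
    out, pos = bytearray(), 0
    while True:
        lf = body.find(b"\n", pos)
        if lf == -1:
            raise ChunkFramingError("unterminated chunk-size line")
        # The LF must be the second half of a CRLF pair, never a terminator on its own.
        if lf == pos or body[lf - 1] != 0x0D:
            raise ChunkFramingError(f"bare LF ends chunk-size line at offset {lf}")
        line = body[pos:lf - 1]
        if b"\r" in line:
            raise ChunkFramingError("bare CR inside chunk-size line")
        # Chunk extensions (after ';') are skipped; only the size field is validated.
        size_field = line.split(b";", 1)[0].rstrip(b" \t")
        if not size_field or any(c not in HEX for c in size_field):
            raise ChunkFramingError(f"invalid chunk size {size_field!r}")
        size = int(size_field, 16)
        pos = lf + 1
        if size == 0:
            # Last chunk; this example assumes no trailer fields follow it.
            if body[pos:pos + 2] != b"\r\n":
                raise ChunkFramingError("expected CRLF after last chunk")
            return bytes(out), pos + 2
        data = body[pos:pos + size]
        if len(data) != size or body[pos + size:pos + size + 2] != b"\r\n":
            raise ChunkFramingError("chunk data truncated or not followed by CRLF")
        out += data
        pos += size + 2

def is_strictly_framed(body: bytes) -> bool:
    """True only if every chunk-size line and chunk ends with CRLF."""
    try:
        decode_chunked_strict(body)
        return True
    except ChunkFramingError:
        return False

# Constructed sample bodies: one well-formed, one with a bare LF after the size.
WELL_FORMED = b"5\r\nhello\r\n0\r\n\r\n"
BARE_LF = b"5\nhello\r\n0\r\n\r\n"

if __name__ == "__main__":
    print(decode_chunked_strict(WELL_FORMED))
    print(is_strictly_framed(BARE_LF))
```

The returned end offset marks where the next message on the connection begins, which is the value a proxy and a back end must agree on.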

Affected Version(s)

netty >= 4.2.0.Alpha3, < 4.2.5.Final

netty <= 4.1.124.Final, < 4.1.125.Final

CVSS V4

Score:
8.2
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved
