EEF-CVE-2026-47075

See a problem?
Please try reporting it to the source first.
Source
https://cna.erlef.org/osv/EEF-CVE-2026-47075.html
Import Source
https://cna.erlef.org/osv/EEF-CVE-2026-47075.json
JSON Data
https://api.osv.dev/v1/vulns/EEF-CVE-2026-47075
Aliases
  • CVE-2026-47075
  • GHSA-j9wq-vxxc-94wf
Published
2026-05-25T14:00:45.781Z
Modified
2026-05-25T14:26:25.703348252Z
Severity
  • 6.8 (Medium) CVSS_V4 - CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:H/SA:N CVSS Calculator
Summary
CR/LF injection in query parameter in hackney
Details

Summary

Improper Neutralization of CRLF Sequences vulnerability in benoitc hackney allows HTTP Request Splitting. hackney does not percent-encode carriage return (\r) or line feed (\n) characters in the URL query component before constructing the HTTP/1.1 request target. Characters outside the grammar defined in RFC 3986 Section 3.4 must be percent-encoded, but hackneyurl:makeurl/3 passes the query binary directly without validation or escaping. An attacker who can control all or part of a URL passed to hackney can inject raw CRLF sequences into the query string, which are then sent as HTTP line breaks in the request target. This enables injection of arbitrary HTTP headers or splitting of the HTTP request.

This issue affects hackney: from 0 before 4.0.1.

Database specific 
{
    "cpe_ids": [
        "cpe:2.3:a:benoitc:hackney:*:*:*:*:*:*:*:*"
    ],
    "cwe_ids": [
        "CWE-93"
    ],
    "capec_ids": [
        "CAPEC-105"
    ]
}
References
Credits
    • tepel-chen - FINDER
    • Benoit Chesneau - REMEDIATION_DEVELOPER
    • Jonatan Männchen - ANALYST

Affected packages

Hex / hackney

Package

Name
hackney
Purl
pkg:hex/hackney

Affected ranges

Type
SEMVER
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.0.1

Affected versions

0.*
0.13.1
0.14.0
0.14.1
0.14.2
0.14.3
0.15.0
0.15.2
1.*
1.0.1
1.0.2
1.0.5
1.0.6
1.1.0
1.2.0
1.3.0
1.3.1
1.3.2
1.4.0
1.4.1
1.4.2
1.4.3
1.4.4
1.4.5
1.4.6
1.4.7
1.4.8
1.4.10
1.5.0
1.5.1
1.5.2
1.5.3
1.5.4
1.5.5
1.5.6
1.5.7
1.6.0
1.6.1
1.6.2
1.6.3
1.6.4
1.6.5
1.6.6
1.7.0
1.7.1
1.8.0
1.8.2
1.8.3
1.8.4
1.8.5
1.8.6
1.9.0
1.10.0
1.10.1
1.11.0
1.12.0
1.12.1
1.13.0
1.14.0
1.14.2
1.14.3
1.15.0
1.15.1
1.15.2
1.16.0
1.17.0
1.17.1
1.17.2
1.17.3
1.17.4
1.18.0
1.18.1
1.18.2
1.19.0
1.19.1
1.20.0
1.20.1
1.21.0
1.22.0
1.23.0
1.24.0
1.24.1
1.25.0
2.*
2.0.0-beta.1
2.0.0
2.0.1
3.*
3.0.0
3.0.1
3.0.2
3.0.3
3.1.0
3.1.1
3.1.2
3.2.0
3.2.1
4.*
4.0.0

Database specific

source 
"https://cna.erlef.org/osv/EEF-CVE-2026-47075.json"

Git / github.com/benoitc/hackney

Affected ranges

Type
GIT
Repo
https://github.com/benoitc/hackney
Events
Introduced
8bb1a359a81ae58567c84f8d24564e9742e6f2bd
Fixed
ca73dd0aba0ed557449c18288bf07241671a43c9

Affected versions

0.*
0.1.0
0.10.0
0.10.1
0.11.0
0.11.1
0.11.2
0.12.0
0.12.1
0.13.0
0.13.1
0.14.0
0.14.1
0.14.2
0.14.3
0.15.0
0.15.1
0.15.2
0.16.0
0.2.0
0.3.0
0.3.1
0.3.2
0.4.0
0.4.1
0.4.2
0.4.3
0.4.4
0.5.0
0.6.0
0.6.1
0.7.0
0.8.0
0.8.1
0.8.2
0.8.3
0.9.0
0.9.1
1.*
1.0.0
1.0.1
1.0.2
1.0.3
1.0.4
1.0.5
1.0.6
1.1.0
1.10.0
1.10.1
1.11.0
1.12.0
1.12.1
1.13.0
1.14.0
1.14.2
1.14.3
1.15.0
1.15.1
1.15.2
1.16.0
1.17.0
1.17.1
1.17.2
1.17.3
1.17.4
1.18.0
1.18.1
1.18.2
1.19.0
1.19.1
1.2.0
1.20.0
1.20.1
1.21.0
1.22.0
1.23.0
1.24.0
1.24.1
1.25.0
1.3.0
1.3.1
1.3.2
1.4.0
1.4.1
1.4.10
1.4.2
1.4.3
1.4.4
1.4.5
1.4.6
1.4.7
1.4.8
1.4.9
1.5.0
1.5.1
1.5.4
1.5.5
1.5.6
1.5.7
1.6.0
1.6.1
1.6.2
1.6.3
1.6.4
1.6.5
1.6.6
1.7.0
1.7.1
1.8.0
1.8.2
1.8.3
1.8.4
1.8.5
1.8.6
1.9.0
2.*
2.0.0
2.0.0-beta.1
2.0.1
3.*
3.0.1
3.0.2
3.0.3
3.1.0
3.1.1
3.1.2
3.2.0
3.2.1
4.*
4.0.0
v1.*
v1.17.0

Database specific

source 
"https://cna.erlef.org/osv/EEF-CVE-2026-47075.json"