Netty Redis Codec Encoder has a CRLF Injection Issue
| Field | Value | |——-|——-| | Product | Netty | | Version | 4.2.12.Final (and all prior versions with codec-redis) | | Component | io.netty.handler.codec.redis.RedisEncoder | | Vulnerability Type | CWE-93: Improper Neutralization of CRLF Sequences (CRLF Injection) | | Impact | Redis Command Injection / Response Poisoning | | Attack Vector | Network | | Attack Complexity | Low | | Privileges Required | None | | User …