DECE Software Geodi CRLF Injection Vulnerability Allowing HTTP Request Splitting

Vulnerability

A CRLF injection vulnerability has been identified in DECE Software Geodi versions prior to GEODI Setup 9.0.146. The vulnerability allows HTTP request splitting, which attackers could exploit.

Impact

Exploitation of this vulnerability could lead to HTTP request splitting, allowing attackers to manipulate HTTP requests in a way that could disrupt normal application behavior or facilitate further attacks.

Remediation

Users and system administrators are advised to upgrade to at least GEODI Setup 9.0.146.

Added: Jul 29, 2025, 1:22 PM
Updated: Jul 29, 2025, 2:22 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 1.7
exploitability: 4.7
remediation: 7.7
relevance: 0.3
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.