Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Primary rating from NVD.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Lifecycle Timeline
3Blast Radius
ecosystem impact- 93 pypi packages depend on daphne (45 direct, 50 indirect)
Ecosystem-wide dependent count for version 4.2.2.
DescriptionNVD
daphne before 4.2.2 reconstructs a raw HTTP request from Twisted's parsed headers and feeds it to autobahn for WebSocket handshake processing. Twisted does not treat \x0b, \x0c, \x1c, \x1d, \x1e, or \x85 as header line separators, but autobahn decodes header values to str and calls splitlines(). An attacker can exploit this parser differential to inject additional headers into the ASGI scope passed to the application. daphne now rejects requests with these bytes in any header value with a 400 response.
AnalysisAI
Header injection via parser differential in daphne before 4.2.2 allows unauthenticated remote attackers to smuggle synthetic headers into the ASGI scope received by Django applications during WebSocket handshake processing. The root cause is that Twisted (which daphne uses to parse inbound HTTP) ignores six specific Unicode bytes as line separators, while autobahn (which daphne feeds for WebSocket negotiation) calls Python's str.splitlines() and recognizes them - causing a single header value to be split into multiple injected header lines. No public exploit has been identified at time of analysis, and CVSS scores this at 3.7 (Low) due to high attack complexity, though real-world severity scales with how heavily the downstream application trusts ASGI-scope headers for security decisions.
Technical ContextAI
daphne is the ASGI server backing Django Channels, layering WebSocket support over Twisted's HTTP engine with autobahn handling the WebSocket handshake. The flaw is classified as CWE-444 (Inconsistent Interpretation of HTTP Requests - HTTP Request/Response Smuggling): daphne reconstructs a raw HTTP byte stream from Twisted's pre-parsed headers and hands it to autobahn for WebSocket upgrade validation. Twisted's HTTP parser does not treat \x0b (vertical tab), \x0c (form feed), \x1c (file separator), \x1d (group separator), \x1e (record separator), or \x85 (Unicode NEL - next line) as line-break characters, so it passes a header value containing these bytes through intact. autobahn, however, decodes the header value into a Python str and calls str.splitlines(), which per the Unicode standard recognizes all of those code points as line terminators. This splits one header value into multiple lines, creating synthetic header key-value pairs that populate the ASGI scope dictionary with attacker-controlled data that never existed in the original Twisted-parsed request. The fix in 4.2.2 closes the gap by having daphne validate and reject any request containing these bytes in a header value with a 400 response before autobahn ever sees it. No CPE strings were included in the provided intelligence.
RemediationAI
The primary fix is to upgrade daphne to version 4.2.2 or later; this release adds input validation that rejects any inbound HTTP request containing the bytes \x0b, \x0c, \x1c, \x1d, \x1e, or \x85 in any header value with a 400 Bad Request, preventing the malformed header from reaching autobahn. The fix is documented at https://github.com/django/daphne/blob/main/CHANGELOG.txt. If immediate upgrade is not feasible, a compensating control is to deploy a hardening reverse proxy (nginx, HAProxy) in front of daphne configured to drop or reject requests containing these non-ASCII control bytes in header values; note that proxy behavior with unusual Unicode bytes is implementation-specific and must be explicitly tested and verified rather than assumed. A second compensating control is to add Django middleware that audits the ASGI scope headers for unexpected keys before they reach application logic, reducing the attack surface without blocking the request at the protocol layer - this does not eliminate the injection but limits exploitation to headers the application actually trusts. Neither workaround is a substitute for patching.
Same weakness CWE-444 – HTTP Request/Response Smuggling
View allSame technique Code Injection
View allVendor StatusVendor
Share
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-34092
GHSA-xh68-hfp5-5x5m