CVE-2026-22779 Overview
BlackSheep is an asynchronous web framework designed to build event-based web applications with Python. A CRLF injection vulnerability has been identified in the HTTP Client implementation of BlackSheep prior to version 2.4.6. The vulnerability stems from missing header validation, which enables attackers to modify HTTP requests by inserting new headers or even creating entirely new HTTP requests when developers pass unsanitized user input directly into headers.
Critical Impact
Attackers can manipulate HTTP requests through CRLF injection, potentially enabling HTTP response splitting, cache poisoning, or cross-site scripting attacks when user-controlled input reaches HTTP headers without proper sanitization.
Affected Products
- Neoteroi BlackSheep versions prior to 2.4.6
- BlackSheep HTTP Client component (server-side ASGI handling is not affected)
- Applications passing unsanitized user input to HTTP headers
Discovery Timeline
- 2026-01-14 - CVE-2026-22779 published to NVD
- 2026-01-22 - Last updated in NVD database
Technical Details for CVE-2026-22779
Vulnerability Analysis
The CRLF injection vulnerability in BlackSheep's HTTP Client occurs due to insufficient validation of header values before they are written to HTTP requests. CRLF (Carriage Return Line Feed) characters (\r\n) are used to separate HTTP headers. When user-controlled input containing these characters is passed to the write_header function without sanitization, attackers can inject arbitrary headers or terminate the header section prematurely to inject a malicious request body.
The exploitation requires a specific precondition: developers must pass unsanitized user input directly into HTTP headers. While this limits the attack surface, applications that dynamically construct headers based on user input (such as proxy applications or API gateways) are particularly vulnerable.
Notably, the server-side component of BlackSheep is not affected because it delegates response header handling to the underlying ASGI server, which provides its own header sanitization.
Root Cause
The root cause lies in the write_header function within blacksheep/scribe.py, which previously concatenated header names and values without stripping or rejecting CRLF characters. This allowed malicious input containing \r or \n characters to break out of the intended header context and inject additional HTTP protocol elements.
Attack Vector
The attack vector is network-based, requiring an attacker to control input that flows into HTTP header values in the BlackSheep HTTP Client. Typical exploitation scenarios include:
- Applications that forward user-supplied headers to backend services
- Proxy implementations that copy request headers
- API clients that include user input in custom headers
The security patch introduces a _nocrlf() function that sanitizes both header names and header values by removing carriage return and newline characters before the header line is assembled:
def _nocrlf(value: bytes) -> bytes:
    """Sanitize the given value to prevent CRLF injection."""
    return value.replace(b"\r", b"").replace(b"\n", b"")


# Header writing utilities
def write_header(header):
    """
    This function writes a single HTTP header. It is used only by the HTTP Client part,
    because the server relies on the ASGI server to handle headers.
    """
    # Sanitize header name and value to prevent CRLF injection
    return _nocrlf(header[0]) + b": " + _nocrlf(header[1]) + b"\r\n"
Source: GitHub Commit bd4ecb95
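To make the root cause concrete, the following added example (written for this page, not code from the BlackSheep project) places the pre-patch behaviour described under Root Cause next to a writer that uses the same strip-CR-and-LF strategy as the 2.4.6 fix, and adds a small regression check a reviewer can run against any header writer. The unpatched function is reconstructed from the description above, and the X-Forwarded-For name and the sample values are constructed for the demonstration.

```python
# Added example, not BlackSheep's own code: the unpatched writer is
# reconstructed from the "Root Cause" description (an assumption), the
# patched one mirrors the _nocrlf() strategy shown above.
from typing import Callable, List, Tuple

Header = Tuple[bytes, bytes]


def write_header_unpatched(header: Header) -> bytes:
    """Pre-2.4.6 behaviour as described on the page: plain concatenation,
    no validation of name or value."""
    return header[0] + b": " + header[1] + b"\r\n"


def _nocrlf(value: bytes) -> bytes:
    """Same strategy as the 2.4.6 fix: drop every CR and LF byte."""
    return value.replace(b"\r", b"").replace(b"\n", b"")


def write_header_patched(header: Header) -> bytes:
    """Patched form: name and value are both sanitized before joining."""
    return _nocrlf(header[0]) + b": " + _nocrlf(header[1]) + b"\r\n"


def is_single_line(serialized: bytes) -> bool:
    """True if the writer emitted exactly one header line, i.e. the only
    line terminator is the trailing CRLF. A bare LF inside the line is
    treated as a break too, because lenient HTTP parsers accept LF alone."""
    if not serialized.endswith(b"\r\n"):
        return False
    body = serialized[:-2]
    return b"\r" not in body and b"\n" not in body


def is_crlf_safe(writer: Callable[[Header], bytes], values: List[bytes]) -> bool:
    """Regression check for a header writer: every sample value must
    serialize to a single header line."""
    return all(is_single_line(writer((b"X-Forwarded-For", v))) for v in values)


# Constructed sample values: one clean, two carrying line terminators.
SAMPLES: List[bytes] = [
    b"203.0.113.5",
    b"203.0.113.5\r\nX-Injected: 1",
    b"203.0.113.5\nX-Injected: 2",
]


if __name__ == "__main__":
    for label, writer in (("unpatched", write_header_unpatched),
                          ("patched", write_header_patched)):
        print(label, "safe" if is_crlf_safe(writer, SAMPLES) else "VULNERABLE")
```

Note that the fix neutralizes rather than rejects: the value `203.0.113.5\r\nX-Injected: 1` serializes as the single, harmless line `X-Forwarded-For: 203.0.113.5X-Injected: 1`. That is the right behaviour for a low-level serializer, but an application that sees such a value should treat it as a signal to refuse the request rather than forward the mangled header.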
Detection Methods for CVE-2026-22779
Indicators of Compromise
- HTTP requests containing unexpected headers not set by the application logic
- Log entries showing headers with encoded CRLF sequences (%0d%0a, %0D%0A)
- Unusual HTTP request patterns suggesting request smuggling attempts
- Backend services receiving malformed or duplicate headers
Detection Strategies
- Review application code for instances where user input is passed to BlackSheep HTTP Client headers without validation
- Implement web application firewall (WAF) rules to detect CRLF sequences in header values
- Monitor HTTP traffic for anomalous header patterns or request smuggling indicators
- Use static analysis tools to identify unsafe header construction patterns in Python code
Monitoring Recommendations
- Enable detailed HTTP request logging at the application and infrastructure level
- Configure alerts for requests containing URL-encoded newline characters in header fields
- Monitor for unusual patterns in downstream service logs that may indicate injected requests
- Implement request integrity validation between services in microservice architectures
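The encoded-CRLF indicator listed under Indicators of Compromise and the alerting recommendation above can be turned into a small log scanner. The example below is added here and is not part of the advisory or of BlackSheep; the log line format (key=value fields with a quoted header value) and the sample lines are constructed for the demonstration.

```python
# Added example (not from the advisory or BlackSheep): flag header values
# that carry CR/LF raw, percent-encoded or double-encoded, over constructed
# log lines. The log format is an assumption for this demonstration.
import re
from typing import Dict, List
from urllib.parse import unquote

# One line per forwarded header: space-separated key=value fields, with
# the header value double-quoted.
_LINE_RE = re.compile(r'hdr_name=(?P<name>\S+)\s+hdr_value="(?P<value>[^"]*)"')


def header_value_suspicious(value: str, max_decode_depth: int = 2) -> bool:
    """True if the value contains CR or LF either raw or under up to
    max_decode_depth layers of percent-encoding (%0d%0a, %0D%0A, %250d%250a)."""
    candidates = [value]
    current = value
    for _ in range(max_decode_depth):
        decoded = unquote(current)
        if decoded == current:
            break  # nothing left to decode
        candidates.append(decoded)
        current = decoded
    return any("\r" in c or "\n" in c for c in candidates)


def scan_log(lines: List[str]) -> List[Dict[str, str]]:
    """Return one finding per log line whose header value looks like a
    CRLF injection attempt."""
    findings: List[Dict[str, str]] = []
    for line in lines:
        match = _LINE_RE.search(line)
        if match is None:
            continue  # not a header-forwarding record
        name, value = match.group("name"), match.group("value")
        if header_value_suspicious(value):
            findings.append({"header": name, "value": value, "line": line})
    return findings


# Constructed sample log lines: two clean, two carrying encoded line breaks.
SAMPLE_LOG = [
    'ts=2026-01-15T10:00:00Z path=/fetch hdr_name=X-Forwarded-For hdr_value="203.0.113.5"',
    'ts=2026-01-15T10:00:01Z path=/fetch hdr_name=X-Forwarded-For hdr_value="203.0.113.5%0d%0aX-Injected: 1"',
    'ts=2026-01-15T10:00:02Z path=/fetch hdr_name=Accept-Language hdr_value="en-US,en;q=0.9"',
    'ts=2026-01-15T10:00:03Z path=/fetch hdr_name=X-Request-Id hdr_value="abc%250D%250AX-Injected: 2"',
]


if __name__ == "__main__":
    for finding in scan_log(SAMPLE_LOG):
        print(f"suspicious {finding['header']}: {finding['value']!r}")
```

The double-decoding step matters because a value that was percent-encoded twice (%250d%250a) passes a naive %0d%0a match, yet becomes a real CRLF if any hop decodes it twice before handing it to the client.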
How to Mitigate CVE-2026-22779
Immediate Actions Required
- Upgrade BlackSheep to version 2.4.6 or later immediately
- Audit application code for instances where user-controlled data is passed to HTTP headers
- Implement input validation to strip or reject CRLF characters from user input before header construction
- Review and test any proxy or forwarding functionality that handles HTTP headers
Patch Information
The vulnerability is fixed in BlackSheep version 2.4.6. The patch introduces the _nocrlf() sanitization function in both the Python (blacksheep/scribe.py) and Cython (blacksheep/scribe.pxd) implementations. The fix removes carriage return and newline characters from both header names and values before constructing the HTTP header line.
For detailed patch information, see the GitHub Security Advisory GHSA-6pw3-h7xf-x4gp and Release v2.4.6.
Workarounds
- Implement custom input validation to strip \r and \n characters from any user input before passing to HTTP headers
- Use allowlists for header values where possible, rejecting any input containing control characters
- Wrap HTTP Client calls with a sanitization layer that validates all header inputs
- Consider using a reverse proxy with CRLF injection protection in front of affected applications
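The first three workarounds (strip or reject control characters, allowlist header values, wrap client calls in a sanitization layer) fit naturally into one application-side guard. The example below is added for this page and is not BlackSheep's own API: it validates against the header-name and field-value grammar and rejects rather than strips, and it only forwards header names on an allowlist. The allowlist contents are assumed, and the actual client call is left out; build_outgoing_headers returns the list of byte pairs you would then hand to the client.

```python
# Added example (not part of the advisory or BlackSheep): reject-based header
# validation plus a name allowlist, applied before any client call. The
# allowlist and the byte-pair output shape are assumptions for this demo.
import re
from typing import Dict, Iterable, List, Tuple

# RFC 9110 token characters, the only ones permitted in a header name.
_TOKEN_RE = re.compile(r"^[!#$%&'*+\-.^_`|~0-9A-Za-z]+$")


class UnsafeHeader(ValueError):
    """Raised instead of silently stripping, so the caller can log and refuse."""


def _is_valid_field_value(value: str) -> bool:
    """Visible ASCII, space, tab and obs-text (0x80-0xFF) only. CR, LF, NUL and
    every other control character, plus anything outside latin-1, is rejected."""
    return all(
        ch == "\t" or 0x20 <= ord(ch) <= 0x7E or 0x80 <= ord(ch) <= 0xFF
        for ch in value
    )


def validate_header(name: str, value: str) -> Tuple[str, str]:
    """Return the pair unchanged if it can only ever serialize to one line,
    otherwise raise UnsafeHeader."""
    if not _TOKEN_RE.match(name):
        raise UnsafeHeader(f"invalid header name: {name!r}")
    if not _is_valid_field_value(value):
        raise UnsafeHeader(f"control character in value of header {name!r}")
    return name, value


def is_safe_header(name: str, value: str) -> bool:
    """Boolean form of validate_header for callers that prefer not to catch."""
    try:
        validate_header(name, value)
    except UnsafeHeader:
        return False
    return True


# Header names a proxy or gateway is willing to copy from the inbound request
# (constructed for this example).
FORWARD_ALLOWLIST = frozenset({"accept", "accept-language", "x-request-id"})


def build_outgoing_headers(
    incoming: Dict[str, str], allowlist: Iterable[str] = FORWARD_ALLOWLIST
) -> List[Tuple[bytes, bytes]]:
    """Build the header list for the outbound client call: drop names outside
    the allowlist, validate the rest, and encode them as bytes."""
    allowed = {n.lower() for n in allowlist}
    outgoing: List[Tuple[bytes, bytes]] = []
    for name, value in incoming.items():
        if name.lower() not in allowed:
            continue  # never forward what was not explicitly permitted
        safe_name, safe_value = validate_header(name, value)
        outgoing.append((safe_name.encode("ascii"), safe_value.encode("latin-1")))
    return outgoing


if __name__ == "__main__":
    print(build_outgoing_headers({"Accept": "text/html", "Cookie": "session=1"}))
    print(is_safe_header("X-Request-Id", "abc\r\nX-Injected: 1"))
```

Rejecting is preferable to stripping at this layer: a request whose header value contains a line terminator is almost never legitimate, and refusing it produces a clear log entry, whereas stripping quietly forwards a mangled value and hides the attempt.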
# Upgrade BlackSheep to patched version
pip install --upgrade "blacksheep>=2.4.6"   # quote the specifier so the shell does not treat > as a redirect
# Verify installed version
pip show blacksheep | grep Version
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

