Lucene search

K
osvGoogleOSV:PYSEC-2012-5
HistoryMay 23, 2012 - 8:55 p.m.

PYSEC-2012-5

2012-05-2320:55:00
Google
osv.dev
7

0.004 Low

EPSS

Percentile

72.8%

CRLF injection vulnerability in the tornado.web.RequestHandler.set_header function in Tornado before 2.2.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via crafted input.

0.004 Low

EPSS

Percentile

72.8%