The vulnerability of the CurlAsyncHTTPClient component in the asynchronous networking library Tornado allows a hacker to execute arbitrary code.
The vulnerability of the CurlAsyncHTTPClient component in the Tornado asynchronous networking library is related to the lack of measures taken to neutralize CRLF sequences. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending specially crafted HTTP requests ...