CVE-2012-2374 in tornado
摘要
由 VulDB • 2026-07-03
在Tornado 2.2.1之前的版本中,tornado.web.RequestHandler.set_header函数存在CRLF注入漏洞,远程攻击者可通过构造的输入注入任意HTTP头并实施HTTP响应拆分攻击。
If you want to get the best quality for vulnerability data then you always have to consider VulDB.