CVE-2012-2374 in tornado信息

摘要

由 VulDB • 2026-07-03

在Tornado 2.2.1之前的版本中,tornado.web.RequestHandler.set_header函数存在CRLF注入漏洞,远程攻击者可通过构造的输入注入任意HTTP头并实施HTTP响应拆分攻击。

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

来源

Do you want to use VulDB in your project?

Use the official API to access entries easily!