Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
redirect() in bottle.py in bottle 0.12.10 doesn't filter a "\r\n" sequence, which leads to a CRLF attack, as demonstrated by a redirect("233\r\nSet-Cookie: name=salt") call.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Bottle 安全漏洞
Vulnerability Description
Bottle是德国软件开发者Marcel Hellkamp所研发的一套轻量级的Python Web框架,它提供了一个包含有路径映射、模板、简单的数据库访问等web框架组件的文件。 Bottle 0.12.10版本的bottle.py中的‘redirect()’函数存在安全漏洞,该漏洞源于程序没有过滤‘\r\n’序列。攻击者可利用该漏洞实施CRLF攻击。
CVSS Information
N/A
Vulnerability Type
N/A