Safety vulnerability ID: 74439
The information on this page was manually curated by our Cybersecurity Intelligence Team.
Tornado web framework affected versions contain a performance vulnerability in their HTTP cookie parser. When processing specially crafted malicious cookie headers, the parser's algorithm can exhibit quadratic time complexity. Since this parsing happens in the main event loop thread, it can cause the server to become unresponsive and block the processing of other incoming requests due to excessive CPU usage.
Latest version: 6.4.2
Tornado is a Python web framework and asynchronous networking library, originally developed at FriendFeed.
This vulnerability has no description
Scan your Python project for dependency vulnerabilities in two minutes
Scan your application