Safety vulnerability ID: 77319
The information on this page was manually curated by our Cybersecurity Intelligence Team.
When Tornado's multipart/form-data parser encounters certain errors, it logs a warning but continues trying to parse the remainder of the data. This allows remote attackers to generate an extremely high volume of logs, constituting a DoS attack. This DoS is compounded by the fact that the logging subsystem is synchronous.
Latest version: 6.5.1
Tornado is a Python web framework and asynchronous networking library, originally developed at FriendFeed.
This vulnerability has no description
Scan your Python project for dependency vulnerabilities in two minutes
Scan your application