CVE-2016-9964: CRLF Injection
redirect() in bottle.py in bottle does not properly filter certain escape sequences, which leads to a CRLF attack.
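An added example, not code from bottle or from this advisory: it shows how an unfiltered redirect target splits the serialized header block, next to a check that rejects CR, LF and NUL. The function names, the default status code and the sample target are assumptions made for illustration.

```python
# Added example; helper names are hypothetical and this is not bottle's code.
import re

# CR and LF end a header line on the wire; NUL is rejected as well.
_FORBIDDEN = re.compile(r"[\r\n\x00]")


def serialize_headers(headers):
    """Serialize (name, value) pairs the way an HTTP/1.1 server writes them."""
    return "".join(f"{name}: {value}\r\n" for name, value in headers)


def naive_redirect(url, code=303):
    """The 'before' shape: the caller-supplied URL goes into Location unchecked."""
    return code, [("Location", url)]


def checked_redirect(url, code=303):
    """Hardened shape: refuse any value that could end the header line early."""
    if _FORBIDDEN.search(url):
        raise ValueError(f"control character in redirect target: {url!r}")
    return code, [("Location", url)]


def header_names(raw):
    """Parse a serialized header block back into the names a client would see."""
    return [line.split(":", 1)[0] for line in raw.split("\r\n") if line]


# Constructed sample input: a redirect target carrying an embedded CRLF.
TAINTED = "/next\r\nX-Injected: 1"

if __name__ == "__main__":
    _, hdrs = naive_redirect(TAINTED)
    # One logical header went in, two header lines come out.
    print(header_names(serialize_headers(hdrs)))
    try:
        checked_redirect(TAINTED)
    except ValueError as exc:
        print("rejected:", exc)
```

Rejecting the value outright, rather than stripping the characters, keeps a malformed redirect target visible in logs and error handling.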