rpm package
suse/python-tornado&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP3
pkg:rpm/suse/python-tornado&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-47287 | — | < 4.5.3-150000.3.10.1 | 4.5.3-150000.3.10.1 | May 15, 2025 | Tornado is a Python web framework and asynchronous networking library. When Tornado's ``multipart/form-data`` parser encounters certain errors, it logs a warning but continues trying to parse the remainder of the data. This allows remote attackers to generate an extremely high vo | ||
| CVE-2023-28370 | — | < 4.5.3-150000.3.6.1 | 4.5.3-150000.3.6.1 | May 25, 2023 | Open redirect vulnerability in Tornado versions 6.3.1 and earlier allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having user access a specially crafted URL. |
- CVE-2025-47287May 15, 2025affected < 4.5.3-150000.3.10.1fixed 4.5.3-150000.3.10.1
Tornado is a Python web framework and asynchronous networking library. When Tornado's ``multipart/form-data`` parser encounters certain errors, it logs a warning but continues trying to parse the remainder of the data. This allows remote attackers to generate an extremely high vo
- CVE-2023-28370May 25, 2023affected < 4.5.3-150000.3.6.1fixed 4.5.3-150000.3.6.1
Open redirect vulnerability in Tornado versions 6.3.1 and earlier allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having user access a specially crafted URL.