rpm package
suse/python-tornado6&distro=SUSE Linux Enterprise Module for Python 3 15 SP6
pkg:rpm/suse/python-tornado6&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Python%203%2015%20SP6
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-47287 | — | < 6.3.2-150400.9.9.1 | 6.3.2-150400.9.9.1 | May 15, 2025 | Tornado is a Python web framework and asynchronous networking library. When Tornado's ``multipart/form-data`` parser encounters certain errors, it logs a warning but continues trying to parse the remainder of the data. This allows remote attackers to generate an extremely high vo | ||
| CVE-2024-52804 | — | < 6.3.2-150400.9.6.1 | 6.3.2-150400.9.6.1 | Nov 22, 2024 | Tornado is a Python web framework and asynchronous networking library. The algorithm used for parsing HTTP cookies in Tornado versions prior to 6.4.2 sometimes has quadratic complexity, leading to excessive CPU consumption when parsing maliciously-crafted cookie headers. This par |
- CVE-2025-47287May 15, 2025affected < 6.3.2-150400.9.9.1fixed 6.3.2-150400.9.9.1
Tornado is a Python web framework and asynchronous networking library. When Tornado's ``multipart/form-data`` parser encounters certain errors, it logs a warning but continues trying to parse the remainder of the data. This allows remote attackers to generate an extremely high vo
- CVE-2024-52804Nov 22, 2024affected < 6.3.2-150400.9.6.1fixed 6.3.2-150400.9.6.1
Tornado is a Python web framework and asynchronous networking library. The algorithm used for parsing HTTP cookies in Tornado versions prior to 6.4.2 sometimes has quadratic complexity, leading to excessive CPU consumption when parsing maliciously-crafted cookie headers. This par