ALT Linux Team

Package python3-module-tornado update in sisyphus_e2k on 2023-05-16

ALT-PU-2023-3546-1

Package python3-module-tornado updated to version 6.3.2-alt1 for branch sisyphus_e2k.

Closed vulnerabilities

Published: 2023-05-25
Modified: 2025-01-16

CVE-2023-28370

Open redirect vulnerability in Tornado versions 6.3.1 and earlier allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having user access a specially crafted URL.

Severity: MEDIUM (6.1) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
References:
VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.0
Back to top