Package impact
PyPI / tornado
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-47287 | high | — | 8.0 | 1y ago | RHSA-2025:8254: pcs security update (Important) | |||
| CVE-2024-52804 | high | — | 8.0 | 2y ago | RHSA-2025:2872: pcs security update (Important) | |||
| CVE-2014-9720 | unknown | — | — | 4y ago | Tornado before 3.2.2 sends arbitrary responses that contain a fixed CSRF token and may be sent with HTTP compression, which makes it easier for remote attackers to conduct a BREACH attack and determi… |