Debian Tornado Critical Denial of Service Header Injection DSA-6195-1
Posted: Fri Apr 03, 2026 10:38 pm
Multiple security vulnerabilities were discovered in the Tornado Python web framework, which could result in denial of service, header injection or cross-site scripting. For the oldstable distribution (bookworm), this problem has been fixed in version 6.2.0-3+deb12u4.
Source: https://linuxsecurity.com/advisories/de ... on-tornado
Source: https://linuxsecurity.com/advisories/de ... on-tornado