Summary: | www-servers/tornado: cache poisoning vulnerability (CVE-2020-28476) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED INVALID | ||
Severity: | minor | CC: | mgorny, python |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B4 [upstream] | ||
Package list: | Runtime testing required: | --- |
Description
John Helmert III
2021-01-18 22:19:46 UTC
I don't see a public bug report on Tornado bug tracker, at least while using the 'obvious' search terms. I think it might be https://github.com/tornadoweb/tornado/issues/2790. This was deemed "not a vulnerability" according to the Snyk link... |