VDB
GCVE-110-MAGEIA-2016-418
GCVE-110-MAGEIA-2016-418
Advisory Published
A difference in cookie parsing between Tornado and web browsers
(especially when combined with Google Analytics) could allow an attacker
to set arbitrary cookies and bypass XSRF protection. The cookie parser
has been rewritten to fix this attack.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | python-tornado | 0 (affected), 3.2.2-4.2.mga5 (unaffected) | — |
Browse GCVE Records
72,337 records in the GCVE database · Updated July 14, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.