VDB

GCVE-110-MAGEIA-2026-216

GCVE-110-MAGEIA-2026-216
Advisory Published
Vulnetix · Advisory published June 17, 2026
Tornado has a DoS due to too many multipart parts. (CVE-2026-31958) In Tornado, cookie attribute injection could occur because the domain, path, and samesite arguments to .RequestHandler.set_cookie were not checked for crafted characters. (CVE-2026-35536)

Affected Products

VendorProductVersionsPlatforms
Mageiapython-tornado0 (affected), 6.3.2-1.4.mga9 (unaffected)

Browse GCVE Records

73,738 records in the GCVE database · Updated July 19, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›