Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2023-28370HistoryMay 25, 2023 - 10:15 a.m.
CVE-2023-28370
2023-05-2510:15:09
Debian Security Bug Tracker
security-tracker.debian.org
11
open redirect
tornado
vulnerability
phishing
unix
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.002
Percentile
53.0%
Open redirect vulnerability in Tornado versions 6.3.1 and earlier allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having user access a specially crafted URL.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | python-tornado | <= 6.2.0-3 | python-tornado_6.2.0-3_all.deb |
| Debian | 11 | all | python-tornado | <= 6.1.0-1 | python-tornado_6.1.0-1_all.deb |
| Debian | 999 | all | python-tornado | < 6.3.2-1 | python-tornado_6.3.2-1_all.deb |
| Debian | 13 | all | python-tornado | < 6.3.2-1 | python-tornado_6.3.2-1_all.deb |
Related
redhat
redhat
(RHSA-2023:6523) Moderate: python-tornado security update
2023-11-07 06:07:39
veracode
veracode
Open Redirect
2023-05-24 05:29:03
openvas
openvas
Mageia: Security Advisory (MGASA-2023-0211)
2023-06-29 00:00:00
SUSE: Security Advisory (SUSE-SU-2023:3144-1)
2023-08-03 00:00:00
openSUSE: Security Advisory for salt (SUSE-SU-2023:3139-1)
2024-03-04 00:00:00
amazon
amazon
Medium: python3-tornado
2023-07-17 17:39:00
Medium: python-tornado
2023-07-17 17:39:00
ubuntucve
ubuntucve
CVE-2023-28370
2023-05-25 00:00:00
nessus
nessus
CentOS 9 : python-tornado-6.1.0-9.el9
2024-02-29 00:00:00
Amazon Linux 2 : python-tornado (ALAS-2023-2132)
2023-07-20 00:00:00
cve
cve
CVE-2023-28370
2023-05-25 10:15:09
osv
osv
Moderate: python-tornado security update
2023-11-07 00:00:00
CVE-2023-28370
2023-05-25 10:15:09
Open redirect in Tornado
2023-05-25 12:30:16
ubuntu
ubuntu
Tornado vulnerability
2023-06-13 00:00:00
oraclelinux
oraclelinux
python-tornado security update
2023-11-11 00:00:00
cvelist
cvelist
CVE-2023-28370
2023-05-25 00:00:00
redhatcve
redhatcve
CVE-2023-28370
2023-05-26 20:42:14
nvd
nvd
CVE-2023-28370
2023-05-25 10:15:09
mageia
mageia
Updated python-tornado packages fix security vulnerability
2023-06-28 08:21:41
prion
prion
Open redirect
2023-05-25 10:15:00
almalinux
almalinux
Moderate: python-tornado security update
2023-11-07 00:00:00
jvn
jvn
JVN#45127776: Tornado vulnerable to open redirect
2023-05-22 00:00:00
github
github
Open redirect in Tornado
2023-05-25 12:30:16
photon
photon
Moderate Photon OS Security Update - PHSA-2023-3.0-0663
2023-10-07 00:00:00
ibm
ibm
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.002
Percentile
53.0%
Related for DEBIANCVE:CVE-2023-28370