106 matches found
V8 BigInt SharedArrayBuffer Concurrency Synchronization
This JavaScript code is a concurrency demonstration using SharedArrayBuffer, Web Workers, and Atomics to coordinate execution between the main thread and a worker thread...
OESA-2026-1995 python-tornado security update
Tornado is an open source version of the scalable, non-blocking web server and tools. Security Fixes: Tornado is a Python web framework and asynchronous networking library. In versions of Tornado prior to 6.5.5, the only limit on the number of parts in multipart/form-data is the maxbodysize setti...
tornado-python: Tornado: Denial of Service via large multipart bodies
A flaw was found in tornado-python. A remote attacker can exploit this vulnerability by sending a specially crafted, very large multipart body with numerous parts. Because the parsing of these large bodies occurs synchronously on the main thread, it can consume excessive resources, leading to a...
OESA-2026-1677 python-tornado security update
Tornado is an open source version of the scalable, non-blocking web server and tools. Security Fixes: Tornado is a Python web framework and asynchronous networking library. In versions of Tornado prior to 6.5.5, the only limit on the number of parts in multipart/form-data is the maxbodysize setti...
Denial Of Service (DoS)
Tornado is vulnerable to Denial of Service DoS. The vulnerability is due to synchronous parsing of multipart/form-data without limiting the number of parts, allowing attackers to send large requests with many parts that consume excessive CPU and block the main thread...
SUSE CVE-2026-31958
Tornado is a Python web framework and asynchronous networking library. In versions of Tornado prior to 6.5.5, the only limit on the number of parts in multipart/form-data is the maxbodysize setting default 100MB. Since parsing occurs synchronously on the main thread, this creates the possibility ...
PYSEC-2026-140
Tornado is a Python web framework and asynchronous networking library. In versions of Tornado prior to 6.5.5, the only limit on the number of parts in multipart/form-data is the maxbodysize setting default 100MB. Since parsing occurs synchronously on the main thread, this creates the possibility ...
CVE-2026-31958
Tornado is a Python web framework and asynchronous networking library. In versions of Tornado prior to 6.5.5, the only limit on the number of parts in multipart/form-data is the maxbodysize setting default 100MB. Since parsing occurs synchronously on the main thread, this creates the possibility ...
DEBIAN-CVE-2026-31958
Tornado is a Python web framework and asynchronous networking library. In versions of Tornado prior to 6.5.5, the only limit on the number of parts in multipart/form-data is the maxbodysize setting default 100MB. Since parsing occurs synchronously on the main thread, this creates the possibility ...
PYSEC-2026-140
Tornado is a Python web framework and asynchronous networking library. In versions of Tornado prior to 6.5.5, the only limit on the number of parts in multipart/form-data is the maxbodysize setting default 100MB. Since parsing occurs synchronously on the main thread, this creates the possibility ...
UBUNTU-CVE-2026-31958
Tornado is a Python web framework and asynchronous networking library. In versions of Tornado prior to 6.5.5, the only limit on the number of parts in multipart/form-data is the maxbodysize setting default 100MB. Since parsing occurs synchronously on the main thread, this creates the possibility ...
CVE-2026-31958 Tornado has a DoS due to too many multipart parts
Tornado is a Python web framework and asynchronous networking library. In versions of Tornado prior to 6.5.5, the only limit on the number of parts in multipart/form-data is the maxbodysize setting default 100MB. Since parsing occurs synchronously on the main thread, this creates the possibility ...
CVE-2026-31958
Tornado (Python) before 6.5.5 is vulnerable in its multipart/form-data parsing: the only limit is max_body_size (default 100MB) and parsing occurs synchronously on the main thread, enabling denial-of-service via very large multipart bodies with many parts. The issue is fixed in 6.5.5. CVSS metric...
CVE-2026-31958
Tornado is a Python web framework and asynchronous networking library. In versions of Tornado prior to 6.5.5, the only limit on the number of parts in multipart/form-data is the maxbodysize setting default 100MB. Since parsing occurs synchronously on the main thread, this creates the possibility ...
CVE-2026-31958 Tornado has a DoS due to too many multipart parts
Tornado is a Python web framework and asynchronous networking library. In versions of Tornado prior to 6.5.5, the only limit on the number of parts in multipart/form-data is the maxbodysize setting default 100MB. Since parsing occurs synchronously on the main thread, this creates the possibility ...
CVE-2026-31958
Tornado is a Python web framework and asynchronous networking library. In versions of Tornado prior to 6.5.5, the only limit on the number of parts in multipart/form-data is the maxbodysize setting default 100MB. Since parsing occurs synchronously on the main thread, this creates the possibility ...
CVE-2026-31958 Tornado has a DoS due to too many multipart parts
Tornado is a Python web framework and asynchronous networking library. In versions of Tornado prior to 6.5.5, the only limit on the number of parts in multipart/form-data is the maxbodysize setting default 100MB. Since parsing occurs synchronously on the main thread, this creates the possibility ...
PT-2026-24805
Name of the Vulnerable Software and Affected Versions Tornado versions prior to 6.5.5 Description Tornado is a Python web framework and asynchronous networking library. In versions prior to 6.5.5, the only limit on the number of parts in multipart/form-data requests is the max body size setting,...
EUVD-2015-1362
Malware in sbrugna...
EUVD-2015-0818
Malware in sbrugna...