Lucene search
K

5 matches found

Debian
Debian
added 2026/04/01 10:46 a.m.11 views

[SECURITY] [DLA 4520-1] python-tornado security update

Debian LTS Advisory DLA-4520-1 [email protected] https://www.debian.org/lts/security/ Daniel Leidert April 01, 2026 https://wiki.debian.org/LTS Package : python-tornado Version : 6.1.0-1+deb11u4 CVE ID : CVE-2026-31958 Debian Bug : 1130507 1132367 Tornado is a scalable, non-blocking...

8.7CVSS5.7AI score0.00375EPSS
Exploits0
OSV
OSV
added 2026/03/12 2:19 p.m.3 views

GHSA-QJXF-F2MG-C6MC Tornado is vulnerable to DoS due to too many multipart parts

In versions of Tornado prior to 6.5.5, the only limit on the number of parts in multipart/form-data is the maxbodysize setting default 100MB. Since parsing occurs synchronously on the main thread, this creates the possibility of denial-of-service due to the cost of parsing very large multipart...

8.7CVSS5.8AI score0.00375EPSS
Exploits0References7
SUSE Linux
SUSE Linux
added 2025/07/10 4:5 p.m.7 views

Security update for tomcat

This update for tomcat fixes the following issues: CVE-2025-46701: Fixed refactor CGI servlet to access resources via WebResources bsc1243815. CVE-2025-48988: Fixed limits the total number of parts in a multi-part request and limits the size of the headers provided with each part bsc1244656...

9.1CVSS7.8AI score0.54877EPSS
Exploits2References14
SUSE Linux
SUSE Linux
added 2025/07/09 5:40 p.m.8 views

Security update for tomcat10

This update for tomcat10 fixes the following issues: Fixed refactor CGI servlet to access resources via WebResources bsc1243815. Fixed limits the total number of parts in a multi-part request and limits the size of the headers provided with each part bsc1244656. Fixed expand checks for webAppMoun...

9.1CVSS8.2AI score0.54877EPSS
Exploits2References14
SUSE Linux
SUSE Linux
added 2025/07/03 8:4 a.m.8 views

Security update for tomcat

This update for tomcat fixes the following issues: CVE-2025-46701: Refactored CGI servlet to access resources via WebResources bsc1243815. CVE-2025-48988: Limited the total number of parts in a multi-part request and limits the size of the headers provided with each part bsc1244656. CVE-2025-4912...

9.1CVSS7.3AI score0.54877EPSS
Exploits2References12
Rows per page
Query Builder