260 matches found
python-tornado: open redirect vulnerability in StaticFileHandler under certain configurations
A vulnerability was found in the python-tornado library. This flaw causes an open redirect vulnerability that allows a remote, unauthenticated attacker to redirect a user to an arbitrary website and conduct a phishing attack by having the user access a specially crafted URL...
RHEL 9 : python-tornado (RHSA-2023:6523)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:6523 advisory. Tornado is a Python web framework and asynchronous networking library that provides an open source version of scalable, non-blocking web server and...
SUSE: Security Advisory (SUSE-SU-2023:3144-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2023:3144-1 Security update for SUSE Manager Client Tools
This update fixes the following issues: python-tornado: - Security fixes: CVE-2023-28370: Fixed an open redirect issue in the static file handler bsc1211741 prometheus-blackboxexporter: - Use obscpio for go modules service - Set version number - Set build date from SOURCEDATEEPOCH - Update to...
SUSE-SU-2023:3122-1 Security update for SUSE Manager Client Tools
This update fixes the following issues: python-tornado: - Security fixes: CVE-2023-28370: Fixed an open redirect issue in the static file handler bsc1211741 kiwi-desc-saltboot: - Update to version 0.1.1687520761.cefb248 Add osimage cert package to bootstrap for SUSE Linux Enterprise 12 images...
Amazon Linux 2 : python-tornado (ALAS-2023-2132)
The version of python-tornado installed on the remote host is prior to 4.2.1-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2132 advisory. Open redirect vulnerability in Tornado versions 6.3.1 and earlier allows a remote unauthenticated attacker to redirect a use...
Medium: python-tornado
Issue Overview: Open redirect vulnerability in Tornado versions 6.3.1 and earlier allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having user access a specially crafted URL. CVE-2023-28370 Affected Packages: python-tornado Issu...
Medium: python-tornado
Issue Overview: Open redirect vulnerability in Tornado versions 6.3.1 and earlier allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having user access a specially crafted URL. CVE-2023-28370 Affected Packages: python-tornado Note...
SUSE-SU-2023:2807-1 Security update for python-tornado
This update for python-tornado fixes the following issues: - CVE-2023-28370: Fixed an open redirect issue in the static file handler bsc1211741...
SUSE-SU-2023:2770-1 Security update for python-tornado
This update for python-tornado fixes the following issues: - CVE-2023-28370: Fixed an open redirect issue in the static file handler bsc1211741...
Mageia: Security Advisory (MGASA-2023-0211)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2023-0211 Updated python-tornado packages fix security vulnerability
Remote unauthenticated attacker may redirect a user to an arbitrary web site and conduct a phishing attack by having user access a specially crafted URL. CVE-2023-28370...
Ubuntu: Security Advisory (USN-6159-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6159-1: Tornado vulnerability
It was discovered that Tornado incorrectly handled certain redirect. An remote attacker could possibly use this issue to redirect a user to an arbitrary web site and conduct a phishing attack by having user access a specially crafted URL...
USN-6159-1 python-tornado vulnerability
It was discovered that Tornado incorrectly handled certain redirect. An remote attacker could possibly use this issue to redirect a user to an arbitrary web site and conduct a phishing attack by having user access a specially crafted URL...
CVE-2023-28370
A vulnerability was found in the python-tornado library. This flaw causes an open redirect vulnerability that allows a remote, unauthenticated attacker to redirect a user to an arbitrary website and conduct a phishing attack by having the user access a specially crafted URL. Mitigation Mitigation...
AZL-44277 CVE-2023-28370 affecting package python-tornado for versions less than 6.3.3-11
Open redirect vulnerability in Tornado versions 6.3.1 and earlier allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having user access a specially crafted URL...
Debian: Security Advisory (DLA-279-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
python-tornado bug fix and enhancement update
An update is available for python-tornado. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Lin...
Mageia: Security Advisory (MGASA-2016-0418)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...