Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/09 12:0 a.m.8 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-tornado (UTSA-2026-017333)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017333 advisory. Tornado is a Python web framework and asynchronous networking library. The algorithm used for parsing HTTP cookies in Tornado versions prior to 6.4.2 sometimes has...

7.5CVSS5.8AI score0.01051EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2025/06/02 12:0 a.m.10 views

Fedora: Security Advisory (FEDORA-2025-db6e9bb7fb)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.1AI score0.01051EPSS
Exploits0References3
Rockylinux
Rockylinux
added 2025/03/17 8:16 p.m.7 views

python-tornado security update

An update is available for python-tornado. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Tornado is a Python web framework and asynchronous networking library...

7.5CVSS7.2AI score0.01051EPSS
Exploits0
NVD
NVD
added 2025/03/04 12:15 a.m.10 views

CVE-2025-27219

In the CGI gem before 0.4.2 for Ruby, the CGI::Cookie.parse method in the CGI library contains a potential Denial of Service DoS vulnerability. The method does not impose any limit on the length of the raw cookie value it processes. This oversight can lead to excessive resource consumption when...

7.5CVSS0.00784EPSS
Exploits0References3
Amazon
Amazon
added 2025/01/09 12:0 a.m.11 views

Medium: python-tornado

Issue Overview: Tornado is a Python web framework and asynchronous networking library. The algorithm used for parsing HTTP cookies in Tornado versions prior to 6.4.2 sometimes has quadratic complexity, leading to excessive CPU consumption when parsing maliciously-crafted cookie headers. This...

7.5CVSS6.8AI score0.01051EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/12/06 12:0 a.m.12 views

RHEL 9 : python-tornado (RHSA-2024:10843)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:10843 advisory. Tornado is a Python web framework and asynchronous networking library that provides an open source version of scalable, non-blocking web server and...

7.5CVSS7.3AI score0.01051EPSS
Exploits0References4
OSV
OSV
added 2016/12/11 10:44 p.m.4 views

MGASA-2016-0418 Updated python-tornado package fixes security vulnerability

A difference in cookie parsing between Tornado and web browsers especially when combined with Google Analytics could allow an attacker to set arbitrary cookies and bypass XSRF protection. The cookie parser has been rewritten to fix this attack...

7.2AI score
Exploits0References3
Rows per page
Query Builder