Lucene search
K

6 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in python-tornado

Tornado is a Python web framework and asynchronous networking library. In versions of Tornado prior to 6.5.5, the only limitation on the number of parts in multipart/form-data was the maxbodysize setting default: 100MB. Since parsing occurs synchronously on the main thread, this created a potenti...

8.7CVSS7.9AI score0.00375EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2025/12/12 6:51 a.m.4 views

a-mailx (=0.1.0), abracadabra (>=0.0.0 <=0.0.7) +650 more potentially affected by CVE-2025-67724 via tornado (>=6.0.0 <=6.5.2)

tornado PYPI version =6.0.0, =0.0.0, =0.7.3, =0.0.5, =1.0.0, =1.0.0, =0.31.0, =1.3.0, =0.1.23, =0.0.9.1, =0.20.0, =0.9.5, =22.5.13, =25.12.0 and more Source cves: CVE-2025-67724 Source advisory: SNYK:PYTHON-TORNADO-14400978...

6.1CVSS6AI score0.00185EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2023-28370

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Open redirect vulnerability in Tornado versions 6.3.1 and earlier allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and condu...

6.1CVSS6.3AI score0.01132EPSS
Exploits0References2
OSV
OSV
added 2025/06/06 2:4 p.m.7 views

OESA-2025-1614 python-tornado security update

Tornado is an open source version of the scalable, non-blocking web server and tools. Security Fixes: Tornado is a Python web framework and asynchronous networking library. When Tornado's multipart/form-data parser encounters certain errors, it logs a warning but continues trying to parse the...

7.5CVSS6.8AI score0.00667EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2024/06/06 9:41 p.m.3 views

abracadabra (>=0.0.0 <=0.0.7), aegis-tools (>=0.0.3 <=2.3.6) +721 more potentially affected by unknown CVE via tornado (>=3.0.0 <=6.4.0)

tornado PYPI version =3.0.0, =0.0.0, =0.0.3, =0.0.5, =1.0.0, =1.0.0, =0.31.0, =1.0.0, =1.3.0, =3.3.3, =0.0.9.1, =0.20.0, =0.9.5, =6.0.2, =1.1.8, =3.9.0, =3.9.0.post1 and more Source cves: unknown CVE Source advisory: OSV:GHSA-753J-MPMX-QQ6G...

5.5AI score
Exploits0
OSV
OSV
added 2023/05/25 10:15 a.m.0 views

DEBIAN-CVE-2023-28370

Open redirect vulnerability in Tornado versions 6.3.1 and earlier allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having user access a specially crafted URL...

6.1CVSS6.1AI score0.01132EPSS
Exploits0References1
Rows per page
Query Builder