Lucene search
+L

1063 matches found

OpenVAS
OpenVAS
added 2016/12/07 12:0 a.m.19 views

Fedora Update for python-tornado FEDORA-2016-24478a88fe

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2016/11/28 12:0 a.m.24 views

Fedora 25 : python-tornado (2016-24478a88fe)

Update to 4.4.2 : Security fixes - A difference in cookie parsing between Tornado and web browsers especially when combined with Google Analytics could allow an attacker to set arbitrary cookies and bypass XSRF protection. The cookie parser has been rewritten to fix this attack...

5.5AI score
Exploits0References1
Fedora
Fedora
added 2016/11/26 11:1 p.m.15 views

[SECURITY] Fedora 25 Update: python-tornado-4.4.2-1.fc25

Tornado is an open source version of the scalable, non-blocking web server and tools. The framework is distinct from most mainstream web server frameworks and certainly most Python frameworks because it is non-blocking and reasonably fast. Because it is non-blocking and uses epoll, it can handle...

0.7AI score
Exploits0
Debian
Debian
added 2016/05/15 7:45 p.m.49 views

[SECURITY] [DLA 475-1] python-tornado security update

Package : python-tornado Version : 2.3-2+deb7u1 CVE ID : CVE-2014-9720 It was discovered that python-tornado, a Python web framework and asynchronous networking library, was susceptible for the BREACH attack. The XSRF token is now encoded with a random mask on each request. This makes it safe to...

6.5CVSS6.7AI score0.02489EPSS
Exploits0
OSV
OSV
added 2016/05/15 12:0 a.m.16 views

DLA-475-1 python-tornado - security update

Bulletin has no description...

6.5CVSS6.3AI score0.02489EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/05/04 12:0 a.m.26 views

SUSE SLED12 Security Update : python-tornado (SUSE-SU-2016:1195-1)

The python-tornado module was updated to version 4.2.1, which brings several fixes, enhancements and new features. The following security issues have been fixed : - A path traversal vulnerability in StaticFileHandler, in which files whose names started with the staticpath directory but were not...

6.5CVSS6.4AI score0.02489EPSS
Exploits0References10
OSV
OSV
added 2016/05/02 1:1 p.m.5 views

SUSE-SU-2016:1195-1 Security update for python-tornado

The python-tornado module was updated to version 4.2.1, which brings several fixes, enhancements and new features. The following security issues have been fixed: - A path traversal vulnerability in StaticFileHandler, in which files whose names started with the staticpath directory but were not...

6.5CVSS6.6AI score0.02489EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2015/11/17 12:0 a.m.15 views

openSUSE Security Update : python-tornado (openSUSE-2015-741)

python-tornado was updates to fix one security issue. The following vulnerability was fixed : - CVE-2014-9720: XSRF cookie allowed side-channel attack against TLS BREACH %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

6.5CVSS6.2AI score0.02489EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/11/02 12:0 a.m.15 views

Fedora 23 : python-tornado-4.2.1-1.fc23 (2015-16197)

Update to 4.2.1. See http://www.tornadoweb.org/en/stable/releases/v4.2.0.html and http://www.tornadoweb.org/en/stable/releases/v4.2.1.html Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...

5.4AI score
Exploits0References3
Fedora
Fedora
added 2015/11/01 3:36 a.m.9 views

[SECURITY] Fedora 23 Update: python-tornado-4.2.1-1.fc23

Tornado is an open source version of the scalable, non-blocking web server and tools. The framework is distinct from most mainstream web server frameworks and certainly most Python frameworks because it is non-blocking and reasonably fast. Because it is non-blocking and uses epoll, it can handle...

0.7AI score
Exploits0
OpenVAS
OpenVAS
added 2015/09/08 12:0 a.m.37 views

Amazon Linux: Security Advisory (ALAS-2015-521)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS6.6AI score0.04857EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/07/23 12:0 a.m.24 views

Debian DLA-279-1 : python-tornado security update

A vulnerability was discovered in python-tornado, a Python scalable, non- blocking web server. CVE-2014-9720 CSRF cookie allows side-channel attack against TLS BREACH Security Fix The XSRF token is now encoded with a random mask on each request. This makes it safe to include in compressed pages...

6.5CVSS6.3AI score0.02489EPSS
Exploits0References3
Debian
Debian
added 2015/07/22 12:52 p.m.50 views

[SECURITY] [DLA 279-1] python-tornado security update

Package : python-tornado Version : 1.0.1-1+deb6u1 CVE ID : CVE-2014-9720 A vulnerability was discovered in python-tornado, a Python scalable, non- blocking web server. CVE-2014-9720 CSRF cookie allows side-channel attack against TLS BREACH Security Fix The XSRF token is now encoded with a random...

6.5CVSS6.3AI score0.02489EPSS
Exploits0
OSV
OSV
added 2015/07/22 12:0 a.m.12 views

DLA-279-1 python-tornado - security update

Bulletin has no description...

6.5CVSS6.3AI score0.02489EPSS
Exploits0
OpenVAS
OpenVAS
added 2015/07/07 12:0 a.m.20 views

Fedora Update for python-tornado FEDORA-2015-9143

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.5AI score0.02489EPSS
Exploits0References2
OSV
OSV
added 2015/07/01 12:40 p.m.5 views

MGASA-2015-0251 Updated python-tornado package fixes security vulnerability

Security fixes CVE-2014-9720 The XSRF token is now encoded with a random mask on each request. This makes it safe to include in compressed pages without being vulnerable to the BREACH attack. This applies to most applications that use both the xsrfcookies and gzip options or have gzip applied by ...

6.5CVSS6.3AI score0.02489EPSS
Exploits0References4
Mageia
Mageia
added 2015/07/01 12:40 p.m.30 views

Updated python-tornado package fixes security vulnerability

Security fixes CVE-2014-9720 The XSRF token is now encoded with a random mask on each request. This makes it safe to include in compressed pages without being vulnerable to the BREACH attack. This applies to most applications that use both the xsrfcookies and gzip options or have gzip applied by ...

6.5CVSS6.4AI score0.02489EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2015/06/11 12:0 a.m.24 views

Fedora Update for python-tornado FEDORA-2015-8606

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.5AI score0.02489EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/06/11 12:0 a.m.18 views

Fedora 21 : python-tornado-3.2.2-1.fc21 (2015-8606)

Security fixes The XSRF token is now encoded with a random mask on each request. This makes it safe to include in compressed pages without being vulnerable to the BREACH attack. This applies to most applications that use both the xsrfcookies and gzip options or have gzip applied by a proxy...

6.5CVSS6.5AI score0.02489EPSS
Exploits0References3
Fedora
Fedora
added 2015/06/10 7:18 p.m.18 views

[SECURITY] Fedora 21 Update: python-tornado-3.2.2-1.fc21

Tornado is an open source version of the scalable, non-blocking web server and tools. The framework is distinct from most mainstream web server frameworks and certainly most Python frameworks because it is non-blocking and reasonably fast. Because it is non-blocking and uses epoll, it can handle...

6.5CVSS0.7AI score0.02489EPSS
Exploits0
Rows per page
Query Builder