6 matches found
SUSE-SU-2026:1030-1 Security update for salt
This update for salt fixes the following issues: - Security issues fixed: CVE-2025-67724: Fixed missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: Fixed DoS via malicious HTTP request bsc1254905 CVE-2025-67726: Fixed HTTP header parameter parsing algorithm bsc1254904...
Moderate: Red Hat Security Advisory: pcs security update
An update for pcs is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...
pcs security update
0.10.18-2.0.1.el810.8 - Replaced HAM-logo 0.10.18 - Debrand PCS 0.10.18-2.el810.8 - Fixed CVE-2025-67725, CVE-2025-67726 by patching bundled Tornado Resolves: RHEL-136415, RHEL-136420...
CVE-2025-67725
creationtimestamp| type| source ---|---|--- 2025-12-12 07:58:52+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m7rmkxia4i2y 2026-02-02 15:28:55+00:00| seen| https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mdv5xgez6k2i...
a-mailx (=0.1.0), abracadabra (>=0.0.0 <=0.0.7) +650 more potentially affected by CVE-2025-67725 via tornado (>=6.0.0 <=6.5.2)
tornado PYPI version =6.0.0, =0.0.0, =0.7.3, =0.0.5, =1.0.0, =1.0.0, =0.31.0, =1.3.0, =0.1.23, =0.0.9.1, =0.20.0, =0.9.5, =22.5.13, =25.12.0 and more Source cves: CVE-2025-67725 Source advisory: SNYK:PYTHON-TORNADO-14400977...
CVE-2025-67725
Tornado is a Python web framework and asynchronous networking library. In versions 6.5.2 and below, a single maliciously crafted HTTP request can block the server's event loop for an extended period, caused by the HTTPHeaders.add method. The function accumulates values using string concatenation...