Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:pypi/tornado@1.1

Type pypi

Namespace

Name tornado

Version 1.1

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 6.5.5

Latest_non_vulnerable_version 6.5.5

Affected_by_vulnerabilities

url VCID-27ab-kc1z-2fcv

vulnerability_id VCID-27ab-kc1z-2fcv

summary

Tornado has an HTTP cookie parsing DoS vulnerability
The algorithm used for parsing HTTP cookies in Tornado versions prior to 6.4.2 sometimes has quadratic complexity, leading to excessive CPU consumption when parsing maliciously-crafted cookie headers. This parsing occurs in the event loop thread and may block the processing of other requests.

See also CVE-2024-7592 for a similar vulnerability in cpython.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-52804.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-52804.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-52804

reference_id

reference_type

scores

value	0.0016
scoring_system	epss
scoring_elements	0.36754
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-52804

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52804
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52804

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/tornadoweb/tornado

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/tornadoweb/tornado

reference_url

https://github.com/tornadoweb/tornado/commit/d5ba4a1695fbf7c6a3e54313262639b198291533

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-25T17:54:41Z/

url

https://github.com/tornadoweb/tornado/commit/d5ba4a1695fbf7c6a3e54313262639b198291533

reference_url

https://lists.debian.org/debian-lts-announce/2025/01/msg00000.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2025/01/msg00000.html

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088112
reference_id	1088112
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088112

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2328045
reference_id	2328045
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2328045

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-52804

reference_id

CVE-2024-52804

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-52804

reference_url

https://github.com/advisories/GHSA-7pwv-g7hj-39pr

reference_id

GHSA-7pwv-g7hj-39pr

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-25T17:54:41Z/

url

https://github.com/advisories/GHSA-7pwv-g7hj-39pr

reference_url	https://github.com/advisories/GHSA-8w49-h785-mj3c
reference_id	GHSA-8w49-h785-mj3c
reference_type
scores
url	https://github.com/advisories/GHSA-8w49-h785-mj3c

reference_url

https://github.com/tornadoweb/tornado/security/advisories/GHSA-8w49-h785-mj3c

reference_id

GHSA-8w49-h785-mj3c

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-25T17:54:41Z/

url

https://github.com/tornadoweb/tornado/security/advisories/GHSA-8w49-h785-mj3c

reference_url	https://access.redhat.com/errata/RHSA-2024:10590
reference_id	RHSA-2024:10590
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:10590

reference_url	https://access.redhat.com/errata/RHSA-2024:10836
reference_id	RHSA-2024:10836
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:10836

reference_url	https://access.redhat.com/errata/RHSA-2024:10843
reference_id	RHSA-2024:10843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:10843

reference_url	https://access.redhat.com/errata/RHSA-2025:2470
reference_id	RHSA-2025:2470
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:2470

reference_url	https://access.redhat.com/errata/RHSA-2025:2471
reference_id	RHSA-2025:2471
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:2471

reference_url	https://access.redhat.com/errata/RHSA-2025:2550
reference_id	RHSA-2025:2550
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:2550

reference_url	https://access.redhat.com/errata/RHSA-2025:2872
reference_id	RHSA-2025:2872
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:2872

reference_url	https://access.redhat.com/errata/RHSA-2025:2955
reference_id	RHSA-2025:2955
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:2955

reference_url	https://access.redhat.com/errata/RHSA-2025:2956
reference_id	RHSA-2025:2956
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:2956

reference_url	https://access.redhat.com/errata/RHSA-2025:3108
reference_id	RHSA-2025:3108
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3108

reference_url	https://access.redhat.com/errata/RHSA-2025:3109
reference_id	RHSA-2025:3109
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3109

reference_url	https://usn.ubuntu.com/7150-1/
reference_id	USN-7150-1
reference_type
scores
url	https://usn.ubuntu.com/7150-1/

fixed_packages

url pkg:pypi/tornado@6.4.2

purl pkg:pypi/tornado@6.4.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-96r3-89by-dyer

vulnerability	VCID-9vcz-3gme-b3bm

vulnerability	VCID-hyxq-9kuv-k3dt

vulnerability	VCID-npxk-vap1-7qem

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tornado@6.4.2

aliases CVE-2024-52804, GHSA-8w49-h785-mj3c

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-27ab-kc1z-2fcv

url VCID-293v-ye5g-3qh9

vulnerability_id VCID-293v-ye5g-3qh9

summary

Tornado has a CRLF injection in CurlAsyncHTTPClient headers
Tornado’s `curl_httpclient.CurlAsyncHTTPClient` class is vulnerable to CRLF (carriage return/line feed) injection in the request headers.

references

reference_url

https://github.com/tornadoweb/tornado

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/tornadoweb/tornado

reference_url

https://github.com/tornadoweb/tornado/commit/7786f09f84c9f3f2012c4cf3878417cb9f053669

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/tornadoweb/tornado/commit/7786f09f84c9f3f2012c4cf3878417cb9f053669

reference_url

https://github.com/advisories/GHSA-w235-7p84-xx57

reference_id

GHSA-w235-7p84-xx57

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-w235-7p84-xx57

reference_url

https://github.com/tornadoweb/tornado/security/advisories/GHSA-w235-7p84-xx57

reference_id

GHSA-w235-7p84-xx57

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/tornadoweb/tornado/security/advisories/GHSA-w235-7p84-xx57

fixed_packages

url pkg:pypi/tornado@6.4.1

purl pkg:pypi/tornado@6.4.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-27ab-kc1z-2fcv

vulnerability	VCID-96r3-89by-dyer

vulnerability	VCID-9vcz-3gme-b3bm

vulnerability	VCID-hyxq-9kuv-k3dt

vulnerability	VCID-npxk-vap1-7qem

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tornado@6.4.1

aliases GHSA-w235-7p84-xx57

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-293v-ye5g-3qh9

url VCID-2jy5-24sv-9qhj

vulnerability_id VCID-2jy5-24sv-9qhj

summary

Tornado vulnerable to HTTP request smuggling via improper parsing of `Content-Length` fields and chunk lengths
## Summary
Tornado interprets `-`, `+`, and `_` in chunk length and `Content-Length` values, which are not allowed by the HTTP RFCs. This can result in request smuggling when Tornado is deployed behind certain proxies that interpret those non-standard characters differently. This is known to apply to older versions of haproxy, although the current release is not affected.

## Details
Tornado uses the `int` constructor to parse the values of `Content-Length` headers and chunk lengths in the following locations:
### `tornado/http1connection.py:445`
```python3
      self._expected_content_remaining = int(headers["Content-Length"])
```
### `tornado/http1connection.py:621`
```python3
        content_length = int(headers["Content-Length"]) # type: Optional[int]
```
### `tornado/http1connection.py:671`
```python3
      chunk_len = int(chunk_len_str.strip(), 16)
```
Because `int("0_0") == int("+0") == int("-0") == int("0")`, using the `int` constructor to parse and validate strings that should contain only ASCII digits is not a good strategy.

references

reference_url

https://github.com/tornadoweb/tornado

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/tornadoweb/tornado

reference_url

https://github.com/tornadoweb/tornado/commit/b7a5dd29bb02950303ae96055082c12a1ea0a4fe

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/tornadoweb/tornado/commit/b7a5dd29bb02950303ae96055082c12a1ea0a4fe

reference_url	https://github.com/advisories/GHSA-qppv-j76h-2rpx
reference_id	GHSA-qppv-j76h-2rpx
reference_type
scores
url	https://github.com/advisories/GHSA-qppv-j76h-2rpx

reference_url

https://github.com/tornadoweb/tornado/security/advisories/GHSA-qppv-j76h-2rpx

reference_id

GHSA-qppv-j76h-2rpx

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/tornadoweb/tornado/security/advisories/GHSA-qppv-j76h-2rpx

fixed_packages

url pkg:pypi/tornado@6.3.3

purl pkg:pypi/tornado@6.3.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-27ab-kc1z-2fcv

vulnerability	VCID-293v-ye5g-3qh9

vulnerability	VCID-96r3-89by-dyer

vulnerability	VCID-9vcz-3gme-b3bm

vulnerability	VCID-hyxq-9kuv-k3dt

vulnerability	VCID-npxk-vap1-7qem

vulnerability	VCID-vu4k-akst-wbhy

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tornado@6.3.3

aliases GHSA-qppv-j76h-2rpx, GMS-2023-1908

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2jy5-24sv-9qhj

url VCID-96r3-89by-dyer

vulnerability_id VCID-96r3-89by-dyer

summary Tornado is a Python web framework and asynchronous networking library. In versions of Tornado prior to 6.5.5, the only limit on the number of parts in multipart/form-data is the max_body_size setting (default 100MB). Since parsing occurs synchronously on the main thread, this creates the possibility of denial-of-service due to the cost of parsing very large multipart bodies with many parts. This vulnerability is fixed in 6.5.5.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31958.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31958.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-31958

reference_id

reference_type

scores

value	0.00028
scoring_system	epss
scoring_elements	0.08453
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-31958

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31958
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31958

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/tornadoweb/tornado

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/tornadoweb/tornado

reference_url

https://github.com/tornadoweb/tornado/commit/119a195e290c43ad2d63a2cf012c29d43d6ed839

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/tornadoweb/tornado/commit/119a195e290c43ad2d63a2cf012c29d43d6ed839

reference_url

https://github.com/tornadoweb/tornado/releases/tag/v6.5.5

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/tornadoweb/tornado/releases/tag/v6.5.5

reference_url

https://github.com/tornadoweb/tornado/security/advisories/GHSA-qjxf-f2mg-c6mc

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-12T19:55:43Z/

url

https://github.com/tornadoweb/tornado/security/advisories/GHSA-qjxf-f2mg-c6mc

reference_url

https://lists.debian.org/debian-lts-announce/2026/04/msg00000.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2026/04/msg00000.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-31958

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-31958

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130507
reference_id	1130507
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130507

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2446765
reference_id	2446765
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2446765

reference_url	https://github.com/advisories/GHSA-qjxf-f2mg-c6mc
reference_id	GHSA-qjxf-f2mg-c6mc
reference_type
scores
url	https://github.com/advisories/GHSA-qjxf-f2mg-c6mc

reference_url	https://access.redhat.com/errata/RHSA-2026:10184
reference_id	RHSA-2026:10184
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:10184

reference_url	https://access.redhat.com/errata/RHSA-2026:11454
reference_id	RHSA-2026:11454
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:11454

reference_url	https://access.redhat.com/errata/RHSA-2026:11493
reference_id	RHSA-2026:11493
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:11493

reference_url	https://access.redhat.com/errata/RHSA-2026:11494
reference_id	RHSA-2026:11494
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:11494

reference_url	https://access.redhat.com/errata/RHSA-2026:11495
reference_id	RHSA-2026:11495
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:11495

reference_url	https://access.redhat.com/errata/RHSA-2026:13641
reference_id	RHSA-2026:13641
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:13641

reference_url	https://access.redhat.com/errata/RHSA-2026:13670
reference_id	RHSA-2026:13670
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:13670

reference_url	https://access.redhat.com/errata/RHSA-2026:19034
reference_id	RHSA-2026:19034
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:19034

reference_url	https://access.redhat.com/errata/RHSA-2026:19189
reference_id	RHSA-2026:19189
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:19189

reference_url	https://access.redhat.com/errata/RHSA-2026:20572
reference_id	RHSA-2026:20572
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:20572

reference_url	https://access.redhat.com/errata/RHSA-2026:20573
reference_id	RHSA-2026:20573
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:20573

reference_url	https://access.redhat.com/errata/RHSA-2026:20577
reference_id	RHSA-2026:20577
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:20577

reference_url	https://access.redhat.com/errata/RHSA-2026:20810
reference_id	RHSA-2026:20810
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:20810

reference_url	https://access.redhat.com/errata/RHSA-2026:8093
reference_id	RHSA-2026:8093
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8093

reference_url	https://usn.ubuntu.com/8198-1/
reference_id	USN-8198-1
reference_type
scores
url	https://usn.ubuntu.com/8198-1/

reference_url	https://usn.ubuntu.com/8198-2/
reference_id	USN-8198-2
reference_type
scores
url	https://usn.ubuntu.com/8198-2/

fixed_packages

url	pkg:pypi/tornado@6.5.5
purl	pkg:pypi/tornado@6.5.5
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:pypi/tornado@6.5.5

aliases CVE-2026-31958, GHSA-qjxf-f2mg-c6mc, PYSEC-2026-140

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-96r3-89by-dyer

url VCID-9vcz-3gme-b3bm

vulnerability_id VCID-9vcz-3gme-b3bm

summary tornado: Tornado: Cookie attribute injection due to improper handling of cookie arguments

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-35536.json

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-35536.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-35536

reference_id

reference_type

scores

value	0.00018
scoring_system	epss
scoring_elements	0.04868
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-35536

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35536
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35536

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/tornadoweb/tornado

reference_id

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/tornadoweb/tornado

reference_url

https://github.com/tornadoweb/tornado/releases/tag/v6.5.5

reference_id

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-03T13:12:08Z/

url

https://github.com/tornadoweb/tornado/releases/tag/v6.5.5

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-35536

reference_id

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-35536

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132367
reference_id	1132367
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132367

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2454716
reference_id	2454716
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2454716

reference_url

https://github.com/tornadoweb/tornado/security/advisories/GHSA-78cv-mqj4-43f7

reference_id

GHSA-78cv-mqj4-43f7

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-03T13:12:08Z/

url

https://github.com/tornadoweb/tornado/security/advisories/GHSA-78cv-mqj4-43f7

reference_url	https://github.com/advisories/GHSA-fqwm-6jpj-5wxc
reference_id	GHSA-fqwm-6jpj-5wxc
reference_type
scores
url	https://github.com/advisories/GHSA-fqwm-6jpj-5wxc

reference_url	https://access.redhat.com/errata/RHSA-2026:13641
reference_id	RHSA-2026:13641
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:13641

reference_url	https://access.redhat.com/errata/RHSA-2026:13670
reference_id	RHSA-2026:13670
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:13670

reference_url	https://access.redhat.com/errata/RHSA-2026:19034
reference_id	RHSA-2026:19034
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:19034

reference_url	https://access.redhat.com/errata/RHSA-2026:19189
reference_id	RHSA-2026:19189
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:19189

reference_url	https://access.redhat.com/errata/RHSA-2026:20572
reference_id	RHSA-2026:20572
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:20572

reference_url	https://access.redhat.com/errata/RHSA-2026:20573
reference_id	RHSA-2026:20573
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:20573

reference_url	https://access.redhat.com/errata/RHSA-2026:20577
reference_id	RHSA-2026:20577
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:20577

reference_url	https://access.redhat.com/errata/RHSA-2026:20810
reference_id	RHSA-2026:20810
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:20810

reference_url	https://usn.ubuntu.com/8198-1/
reference_id	USN-8198-1
reference_type
scores
url	https://usn.ubuntu.com/8198-1/

reference_url	https://usn.ubuntu.com/8198-2/
reference_id	USN-8198-2
reference_type
scores
url	https://usn.ubuntu.com/8198-2/

fixed_packages

url	pkg:pypi/tornado@6.5.5
purl	pkg:pypi/tornado@6.5.5
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:pypi/tornado@6.5.5

aliases CVE-2026-35536, GHSA-fqwm-6jpj-5wxc

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9vcz-3gme-b3bm

url VCID-a4ry-gnvn-e3a1

vulnerability_id VCID-a4ry-gnvn-e3a1

summary Open redirect vulnerability in Tornado versions 6.3.1 and earlier allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having user access a specially crafted URL.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28370.json

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28370.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-28370

reference_id

reference_type

scores

value	0.0043
scoring_system	epss
scoring_elements	0.62925
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-28370

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28370
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28370

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/tornado/PYSEC-2023-75.yaml

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	5.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/tornado/PYSEC-2023-75.yaml

reference_url

https://github.com/tornadoweb/tornado

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	5.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/tornadoweb/tornado

reference_url

https://github.com/tornadoweb/tornado/commit/32ad07c54e607839273b4e1819c347f5c8976b2f

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	5.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/tornadoweb/tornado/commit/32ad07c54e607839273b4e1819c347f5c8976b2f

reference_url

https://github.com/tornadoweb/tornado/releases/tag/v6.3.2

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	5.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-16T15:19:04Z/

url

https://github.com/tornadoweb/tornado/releases/tag/v6.3.2

reference_url

https://jvn.jp/en/jp/JVN45127776

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	5.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://jvn.jp/en/jp/JVN45127776

reference_url

https://jvn.jp/en/jp/JVN45127776/

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-16T15:19:04Z/

url

https://jvn.jp/en/jp/JVN45127776/

reference_url

https://lists.debian.org/debian-lts-announce/2025/01/msg00000.html

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	5.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2025/01/msg00000.html

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036875
reference_id	1036875
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036875

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2210199
reference_id	2210199
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2210199

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-28370

reference_id

CVE-2023-28370

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	5.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-28370

reference_url	https://github.com/advisories/GHSA-hj3f-6gcp-jg8j
reference_id	GHSA-hj3f-6gcp-jg8j
reference_type
scores
url	https://github.com/advisories/GHSA-hj3f-6gcp-jg8j

reference_url	https://access.redhat.com/errata/RHSA-2023:6523
reference_id	RHSA-2023:6523
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6523

reference_url	https://usn.ubuntu.com/6159-1/
reference_id	USN-6159-1
reference_type
scores
url	https://usn.ubuntu.com/6159-1/

reference_url	https://usn.ubuntu.com/7150-1/
reference_id	USN-7150-1
reference_type
scores
url	https://usn.ubuntu.com/7150-1/

fixed_packages

url pkg:pypi/tornado@6.3.2

purl pkg:pypi/tornado@6.3.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-27ab-kc1z-2fcv

vulnerability	VCID-293v-ye5g-3qh9

vulnerability	VCID-2jy5-24sv-9qhj

vulnerability	VCID-96r3-89by-dyer

vulnerability	VCID-9vcz-3gme-b3bm

vulnerability	VCID-hyxq-9kuv-k3dt

vulnerability	VCID-npxk-vap1-7qem

vulnerability	VCID-vu4k-akst-wbhy

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tornado@6.3.2

aliases CVE-2023-28370, GHSA-hj3f-6gcp-jg8j, PYSEC-2023-75

risk_score 3.4

exploitability 0.5

weighted_severity 6.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a4ry-gnvn-e3a1

url VCID-gbeg-1cjj-fufw

vulnerability_id VCID-gbeg-1cjj-fufw

summary Tornado before 3.2.2 sends arbitrary responses that contain a fixed CSRF token and may be sent with HTTP compression, which makes it easier for remote attackers to conduct a BREACH attack and determine this token via a series of crafted requests.

references

reference_url

http://openwall.com/lists/oss-security/2015/05/19/4

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

value	7.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://openwall.com/lists/oss-security/2015/05/19/4

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9720.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9720.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-9720

reference_id

reference_type

scores

value	0.00784
scoring_system	epss
scoring_elements	0.74157
published_at	2026-06-05T12:55:00Z

value	0.00784
scoring_system	epss
scoring_elements	0.74123
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-9720

reference_url

https://bugzilla.novell.com/show_bug.cgi?id=930362

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

value	7.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.novell.com/show_bug.cgi?id=930362

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1222816

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

value	7.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1222816

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9720
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9720

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/tornado/PYSEC-2020-213.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

value	7.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/tornado/PYSEC-2020-213.yaml

reference_url

https://github.com/tornadoweb/tornado

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

value	7.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/tornadoweb/tornado

reference_url

https://github.com/tornadoweb/tornado/commit/1c36307463b1e8affae100bf9386948e6c1b2308

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

value	7.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/tornadoweb/tornado/commit/1c36307463b1e8affae100bf9386948e6c1b2308

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2014-9720

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

value	7.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2014-9720

reference_url

http://www.tornadoweb.org/en/stable/releases/v3.2.2.html

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

value	7.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.tornadoweb.org/en/stable/releases/v3.2.2.html

reference_url	https://github.com/advisories/GHSA-8vpw-mgpf-mpvv
reference_id	GHSA-8vpw-mgpf-mpvv
reference_type
scores
url	https://github.com/advisories/GHSA-8vpw-mgpf-mpvv

fixed_packages

url pkg:pypi/tornado@3.2.2

purl pkg:pypi/tornado@3.2.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-27ab-kc1z-2fcv

vulnerability	VCID-293v-ye5g-3qh9

vulnerability	VCID-2jy5-24sv-9qhj

vulnerability	VCID-96r3-89by-dyer

vulnerability	VCID-9vcz-3gme-b3bm

vulnerability	VCID-a4ry-gnvn-e3a1

vulnerability	VCID-hyxq-9kuv-k3dt

vulnerability	VCID-npxk-vap1-7qem

vulnerability	VCID-vu4k-akst-wbhy

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tornado@3.2.2

aliases CVE-2014-9720, GHSA-8vpw-mgpf-mpvv, PYSEC-2020-213

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gbeg-1cjj-fufw

url VCID-hyxq-9kuv-k3dt

vulnerability_id VCID-hyxq-9kuv-k3dt

summary

Tornado vulnerable to excessive logging caused by malformed multipart form data
When Tornado's ``multipart/form-data`` parser encounters certain errors, it logs a warning but continues trying to parse the remainder of the data. This allows remote attackers to generate an extremely high volume of logs, constituting a DoS attack. This DoS is compounded by the fact that the logging subsystem is synchronous.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-47287.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-47287.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-47287

reference_id

reference_type

scores

value	0.01164
scoring_system	epss
scoring_elements	0.78983
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-47287

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47287
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47287

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/tornadoweb/tornado

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/tornadoweb/tornado

reference_url

https://github.com/tornadoweb/tornado/commit/b39b892bf78fe8fea01dd45199aa88307e7162f3

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-16T13:36:22Z/

url

https://github.com/tornadoweb/tornado/commit/b39b892bf78fe8fea01dd45199aa88307e7162f3

reference_url

https://lists.debian.org/debian-lts-announce/2025/05/msg00038.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2025/05/msg00038.html

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1105886
reference_id	1105886
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1105886

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2366703
reference_id	2366703
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2366703

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2025-47287

reference_id

CVE-2025-47287

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2025-47287

reference_url	https://github.com/advisories/GHSA-7cx3-6m66-7c5m
reference_id	GHSA-7cx3-6m66-7c5m
reference_type
scores
url	https://github.com/advisories/GHSA-7cx3-6m66-7c5m

reference_url

https://github.com/tornadoweb/tornado/security/advisories/GHSA-7cx3-6m66-7c5m

reference_id

GHSA-7cx3-6m66-7c5m

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-16T13:36:22Z/

url

https://github.com/tornadoweb/tornado/security/advisories/GHSA-7cx3-6m66-7c5m

reference_url	https://access.redhat.com/errata/RHSA-2025:8135
reference_id	RHSA-2025:8135
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8135

reference_url	https://access.redhat.com/errata/RHSA-2025:8136
reference_id	RHSA-2025:8136
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8136

reference_url	https://access.redhat.com/errata/RHSA-2025:8223
reference_id	RHSA-2025:8223
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8223

reference_url	https://access.redhat.com/errata/RHSA-2025:8226
reference_id	RHSA-2025:8226
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8226

reference_url	https://access.redhat.com/errata/RHSA-2025:8254
reference_id	RHSA-2025:8254
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8254

reference_url	https://access.redhat.com/errata/RHSA-2025:8279
reference_id	RHSA-2025:8279
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8279

reference_url	https://access.redhat.com/errata/RHSA-2025:8290
reference_id	RHSA-2025:8290
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8290

reference_url	https://access.redhat.com/errata/RHSA-2025:8291
reference_id	RHSA-2025:8291
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8291

reference_url	https://access.redhat.com/errata/RHSA-2025:8323
reference_id	RHSA-2025:8323
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8323

reference_url	https://access.redhat.com/errata/RHSA-2025:8664
reference_id	RHSA-2025:8664
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8664

reference_url	https://usn.ubuntu.com/7547-1/
reference_id	USN-7547-1
reference_type
scores
url	https://usn.ubuntu.com/7547-1/

fixed_packages

url pkg:pypi/tornado@6.5

purl pkg:pypi/tornado@6.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-96r3-89by-dyer

vulnerability	VCID-9vcz-3gme-b3bm

vulnerability	VCID-npxk-vap1-7qem

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tornado@6.5

aliases CVE-2025-47287, GHSA-7cx3-6m66-7c5m

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hyxq-9kuv-k3dt

url VCID-npxk-vap1-7qem

vulnerability_id VCID-npxk-vap1-7qem

summary

Tornado has incomplete validation of cookie attributes
Values passed to the `domain`, `path`, and `samesite` arguments of `RequestHandler.set_cookie` were not completely validated in versions of Tornado prior to 6.5.5. In particular, semicolons would be allowed, which could be used to inject attacker-controlled values for other cookie attributes.

references

reference_url

https://github.com/tornadoweb/tornado

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/tornadoweb/tornado

reference_url

https://github.com/tornadoweb/tornado/commit/24a2d96ea115f663b223887deb0060f13974c104

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/tornadoweb/tornado/commit/24a2d96ea115f663b223887deb0060f13974c104

reference_url

https://github.com/tornadoweb/tornado/releases/tag/v6.5.5

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/tornadoweb/tornado/releases/tag/v6.5.5

reference_url

https://github.com/advisories/GHSA-78cv-mqj4-43f7

reference_id

GHSA-78cv-mqj4-43f7

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-78cv-mqj4-43f7

reference_url

https://github.com/tornadoweb/tornado/security/advisories/GHSA-78cv-mqj4-43f7

reference_id

GHSA-78cv-mqj4-43f7

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/tornadoweb/tornado/security/advisories/GHSA-78cv-mqj4-43f7

fixed_packages

url	pkg:pypi/tornado@6.5.5
purl	pkg:pypi/tornado@6.5.5
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:pypi/tornado@6.5.5

aliases GHSA-78cv-mqj4-43f7

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-npxk-vap1-7qem

url VCID-sxra-vqmr-fybt

vulnerability_id VCID-sxra-vqmr-fybt

summary CRLF injection vulnerability in the tornado.web.RequestHandler.set_header function in Tornado before 2.2.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via crafted input.

references

reference_url

http://openwall.com/lists/oss-security/2012/05/18/12

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://openwall.com/lists/oss-security/2012/05/18/12

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-2374

reference_id

reference_type

scores

value	0.00329
scoring_system	epss
scoring_elements	0.56146
published_at	2026-06-04T12:55:00Z

value	0.00329
scoring_system	epss
scoring_elements	0.562
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-2374

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2374
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2374

reference_url	http://secunia.com/advisories/49185
reference_id
reference_type
scores
url	http://secunia.com/advisories/49185

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/tornado/PYSEC-2012-5.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/tornado/PYSEC-2012-5.yaml

reference_url

https://github.com/tornadoweb/tornado

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/tornadoweb/tornado

reference_url

https://github.com/tornadoweb/tornado/commit/1ae91f6d58e6257e0ab49d295d8741ce1727bdb7

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/tornadoweb/tornado/commit/1ae91f6d58e6257e0ab49d295d8741ce1727bdb7

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2012-2374

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2012-2374

reference_url

https://web.archive.org/web/20140720192646/http://secunia.com/advisories/49185

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20140720192646/http://secunia.com/advisories/49185

reference_url

https://web.archive.org/web/20200229124524/http://www.securityfocus.com/bid/53612

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20200229124524/http://www.securityfocus.com/bid/53612

reference_url

http://www.openwall.com/lists/oss-security/2012/05/18/6

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2012/05/18/6

reference_url	http://www.securityfocus.com/bid/53612
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/53612

reference_url

http://www.tornadoweb.org/documentation/releases/v2.2.1.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.tornadoweb.org/documentation/releases/v2.2.1.html

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=673987
reference_id	673987
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=673987

reference_url	https://github.com/advisories/GHSA-f7fv-v9rh-prvc
reference_id	GHSA-f7fv-v9rh-prvc
reference_type
scores
url	https://github.com/advisories/GHSA-f7fv-v9rh-prvc

fixed_packages

url pkg:pypi/tornado@2.2.1

purl pkg:pypi/tornado@2.2.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-27ab-kc1z-2fcv

vulnerability	VCID-293v-ye5g-3qh9

vulnerability	VCID-2jy5-24sv-9qhj

vulnerability	VCID-96r3-89by-dyer

vulnerability	VCID-9vcz-3gme-b3bm

vulnerability	VCID-a4ry-gnvn-e3a1

vulnerability	VCID-gbeg-1cjj-fufw

vulnerability	VCID-hyxq-9kuv-k3dt

vulnerability	VCID-npxk-vap1-7qem

vulnerability	VCID-vu4k-akst-wbhy

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tornado@2.2.1

aliases CVE-2012-2374, GHSA-f7fv-v9rh-prvc, PYSEC-2012-5

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sxra-vqmr-fybt

url VCID-vu4k-akst-wbhy

vulnerability_id VCID-vu4k-akst-wbhy

summary

Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') in tornado
When Tornado receives a request with two `Transfer-Encoding: chunked` headers, it ignores them both. This enables request smuggling when Tornado is deployed behind a proxy server that emits such requests. [Pound](https://en.wikipedia.org/wiki/Pound_(networking)) does this.

references

reference_url

https://github.com/tornadoweb/tornado

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/tornadoweb/tornado

reference_url

https://github.com/tornadoweb/tornado/commit/d65f6e71a77f53a1ff0a0dc55704be13f04eb572

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/tornadoweb/tornado/commit/d65f6e71a77f53a1ff0a0dc55704be13f04eb572

reference_url

https://github.com/advisories/GHSA-753j-mpmx-qq6g

reference_id

GHSA-753j-mpmx-qq6g

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-753j-mpmx-qq6g

reference_url

https://github.com/tornadoweb/tornado/security/advisories/GHSA-753j-mpmx-qq6g

reference_id

GHSA-753j-mpmx-qq6g

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/tornadoweb/tornado/security/advisories/GHSA-753j-mpmx-qq6g

fixed_packages

url pkg:pypi/tornado@6.4.1

purl pkg:pypi/tornado@6.4.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-27ab-kc1z-2fcv

vulnerability	VCID-96r3-89by-dyer

vulnerability	VCID-9vcz-3gme-b3bm

vulnerability	VCID-hyxq-9kuv-k3dt

vulnerability	VCID-npxk-vap1-7qem

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tornado@6.4.1

aliases GHSA-753j-mpmx-qq6g

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vu4k-akst-wbhy

Fixing_vulnerabilities

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/tornado@1.1

Package Instance