Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/python-tornado@6.2.0-3%2Bdeb12u1?distro=trixie

Type deb

Namespace debian

Name python-tornado

Version 6.2.0-3+deb12u1

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 6.2.0-3+deb12u4

Latest_non_vulnerable_version 6.5.5-1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-3y8v-vsd8-ubba

vulnerability_id VCID-3y8v-vsd8-ubba

summary

Tornado has an HTTP cookie parsing DoS vulnerability
The algorithm used for parsing HTTP cookies in Tornado versions prior to 6.4.2 sometimes has quadratic complexity, leading to excessive CPU consumption when parsing maliciously-crafted cookie headers. This parsing occurs in the event loop thread and may block the processing of other requests.

See also CVE-2024-7592 for a similar vulnerability in cpython.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-52804.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-52804.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-52804

reference_id

reference_type

scores

value	0.00118
scoring_system	epss
scoring_elements	0.30697
published_at	2026-04-18T12:55:00Z

value	0.00118
scoring_system	epss
scoring_elements	0.30715
published_at	2026-04-16T12:55:00Z

value	0.00118
scoring_system	epss
scoring_elements	0.30691
published_at	2026-04-13T12:55:00Z

value	0.00118
scoring_system	epss
scoring_elements	0.30737
published_at	2026-04-12T12:55:00Z

value	0.00118
scoring_system	epss
scoring_elements	0.30781
published_at	2026-04-11T12:55:00Z

value	0.00118
scoring_system	epss
scoring_elements	0.30778
published_at	2026-04-09T12:55:00Z

value	0.00118
scoring_system	epss
scoring_elements	0.30746
published_at	2026-04-08T12:55:00Z

value	0.00118
scoring_system	epss
scoring_elements	0.30688
published_at	2026-04-07T12:55:00Z

value	0.00118
scoring_system	epss
scoring_elements	0.30869
published_at	2026-04-04T12:55:00Z

value	0.00118
scoring_system	epss
scoring_elements	0.3082
published_at	2026-04-02T12:55:00Z

value	0.00145
scoring_system	epss
scoring_elements	0.34762
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-52804

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52804
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52804

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/tornadoweb/tornado

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/tornadoweb/tornado

reference_url

https://github.com/tornadoweb/tornado/commit/d5ba4a1695fbf7c6a3e54313262639b198291533

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-25T17:54:41Z/

url

https://github.com/tornadoweb/tornado/commit/d5ba4a1695fbf7c6a3e54313262639b198291533

reference_url

https://github.com/tornadoweb/tornado/security/advisories/GHSA-8w49-h785-mj3c

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-25T17:54:41Z/

url

https://github.com/tornadoweb/tornado/security/advisories/GHSA-8w49-h785-mj3c

reference_url

https://lists.debian.org/debian-lts-announce/2025/01/msg00000.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2025/01/msg00000.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-52804

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-52804

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088112
reference_id	1088112
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088112

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2328045
reference_id	2328045
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2328045

reference_url

https://github.com/advisories/GHSA-7pwv-g7hj-39pr

reference_id

GHSA-7pwv-g7hj-39pr

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-25T17:54:41Z/

url

https://github.com/advisories/GHSA-7pwv-g7hj-39pr

reference_url

https://github.com/advisories/GHSA-8w49-h785-mj3c

reference_id

GHSA-8w49-h785-mj3c

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-8w49-h785-mj3c

reference_url	https://access.redhat.com/errata/RHSA-2024:10590
reference_id	RHSA-2024:10590
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:10590

reference_url	https://access.redhat.com/errata/RHSA-2024:10836
reference_id	RHSA-2024:10836
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:10836

reference_url	https://access.redhat.com/errata/RHSA-2024:10843
reference_id	RHSA-2024:10843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:10843

reference_url	https://access.redhat.com/errata/RHSA-2025:2470
reference_id	RHSA-2025:2470
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:2470

reference_url	https://access.redhat.com/errata/RHSA-2025:2471
reference_id	RHSA-2025:2471
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:2471

reference_url	https://access.redhat.com/errata/RHSA-2025:2550
reference_id	RHSA-2025:2550
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:2550

reference_url	https://access.redhat.com/errata/RHSA-2025:2872
reference_id	RHSA-2025:2872
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:2872

reference_url	https://access.redhat.com/errata/RHSA-2025:2955
reference_id	RHSA-2025:2955
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:2955

reference_url	https://access.redhat.com/errata/RHSA-2025:2956
reference_id	RHSA-2025:2956
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:2956

reference_url	https://access.redhat.com/errata/RHSA-2025:3108
reference_id	RHSA-2025:3108
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3108

reference_url	https://access.redhat.com/errata/RHSA-2025:3109
reference_id	RHSA-2025:3109
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3109

reference_url	https://usn.ubuntu.com/7150-1/
reference_id	USN-7150-1
reference_type
scores
url	https://usn.ubuntu.com/7150-1/

fixed_packages

url	pkg:deb/debian/python-tornado@6.1.0-1?distro=trixie
purl	pkg:deb/debian/python-tornado@6.1.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-tornado@6.1.0-1%3Fdistro=trixie

url	pkg:deb/debian/python-tornado@6.1.0-1%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/python-tornado@6.1.0-1%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-tornado@6.1.0-1%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/python-tornado@6.2.0-3%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/python-tornado@6.2.0-3%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-tornado@6.2.0-3%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/python-tornado@6.2.0-3%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/python-tornado@6.2.0-3%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-27x3-ch78-8ueh

vulnerability	VCID-be89-uuxa-fyb5

vulnerability	VCID-g13r-ansu-27av

vulnerability	VCID-nq24-395d-wuar

vulnerability	VCID-y1z8-z2f1-mqg7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-tornado@6.2.0-3%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/python-tornado@6.4.2-1?distro=trixie
purl	pkg:deb/debian/python-tornado@6.4.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-tornado@6.4.2-1%3Fdistro=trixie

url pkg:deb/debian/python-tornado@6.4.2-3?distro=trixie

purl pkg:deb/debian/python-tornado@6.4.2-3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-27x3-ch78-8ueh

vulnerability	VCID-be89-uuxa-fyb5

vulnerability	VCID-g13r-ansu-27av

vulnerability	VCID-nq24-395d-wuar

vulnerability	VCID-y1z8-z2f1-mqg7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-tornado@6.4.2-3%3Fdistro=trixie

url pkg:deb/debian/python-tornado@6.5.4-1?distro=trixie

purl pkg:deb/debian/python-tornado@6.5.4-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-be89-uuxa-fyb5

vulnerability	VCID-nq24-395d-wuar

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-tornado@6.5.4-1%3Fdistro=trixie

url	pkg:deb/debian/python-tornado@6.5.5-1?distro=trixie
purl	pkg:deb/debian/python-tornado@6.5.5-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-tornado@6.5.5-1%3Fdistro=trixie

aliases CVE-2024-52804, GHSA-8w49-h785-mj3c

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3y8v-vsd8-ubba

url VCID-6knn-nt2y-1uem

vulnerability_id VCID-6knn-nt2y-1uem

summary Open redirect vulnerability in Tornado versions 6.3.1 and earlier allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having user access a specially crafted URL.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28370.json

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28370.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-28370

reference_id

reference_type

scores

value	0.00528
scoring_system	epss
scoring_elements	0.67186
published_at	2026-04-21T12:55:00Z

value	0.00528
scoring_system	epss
scoring_elements	0.67205
published_at	2026-04-18T12:55:00Z

value	0.00528
scoring_system	epss
scoring_elements	0.67193
published_at	2026-04-16T12:55:00Z

value	0.00528
scoring_system	epss
scoring_elements	0.67157
published_at	2026-04-13T12:55:00Z

value	0.00528
scoring_system	epss
scoring_elements	0.67187
published_at	2026-04-12T12:55:00Z

value	0.00528
scoring_system	epss
scoring_elements	0.67201
published_at	2026-04-11T12:55:00Z

value	0.00528
scoring_system	epss
scoring_elements	0.67121
published_at	2026-04-02T12:55:00Z

value	0.00528
scoring_system	epss
scoring_elements	0.67144
published_at	2026-04-04T12:55:00Z

value	0.00528
scoring_system	epss
scoring_elements	0.67119
published_at	2026-04-07T12:55:00Z

value	0.00528
scoring_system	epss
scoring_elements	0.67182
published_at	2026-04-09T12:55:00Z

value	0.00528
scoring_system	epss
scoring_elements	0.67169
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-28370

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28370
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28370

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/tornado/PYSEC-2023-75.yaml

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	5.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/tornado/PYSEC-2023-75.yaml

reference_url

https://github.com/tornadoweb/tornado

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	5.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/tornadoweb/tornado

reference_url

https://github.com/tornadoweb/tornado/commit/32ad07c54e607839273b4e1819c347f5c8976b2f

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	5.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/tornadoweb/tornado/commit/32ad07c54e607839273b4e1819c347f5c8976b2f

reference_url

https://github.com/tornadoweb/tornado/releases/tag/v6.3.2

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	5.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-16T15:19:04Z/

url

https://github.com/tornadoweb/tornado/releases/tag/v6.3.2

reference_url

https://jvn.jp/en/jp/JVN45127776

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	5.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://jvn.jp/en/jp/JVN45127776

reference_url

https://jvn.jp/en/jp/JVN45127776/

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-16T15:19:04Z/

url

https://jvn.jp/en/jp/JVN45127776/

reference_url

https://lists.debian.org/debian-lts-announce/2025/01/msg00000.html

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	5.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2025/01/msg00000.html

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036875
reference_id	1036875
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036875

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2210199
reference_id	2210199
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2210199

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-28370

reference_id

CVE-2023-28370

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	5.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-28370

reference_url

https://github.com/advisories/GHSA-hj3f-6gcp-jg8j

reference_id

GHSA-hj3f-6gcp-jg8j

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-hj3f-6gcp-jg8j

reference_url	https://access.redhat.com/errata/RHSA-2023:6523
reference_id	RHSA-2023:6523
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6523

reference_url	https://usn.ubuntu.com/6159-1/
reference_id	USN-6159-1
reference_type
scores
url	https://usn.ubuntu.com/6159-1/

reference_url	https://usn.ubuntu.com/7150-1/
reference_id	USN-7150-1
reference_type
scores
url	https://usn.ubuntu.com/7150-1/

fixed_packages

url	pkg:deb/debian/python-tornado@6.1.0-1?distro=trixie
purl	pkg:deb/debian/python-tornado@6.1.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-tornado@6.1.0-1%3Fdistro=trixie

url	pkg:deb/debian/python-tornado@6.1.0-1%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/python-tornado@6.1.0-1%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-tornado@6.1.0-1%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/python-tornado@6.2.0-3%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/python-tornado@6.2.0-3%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-tornado@6.2.0-3%252Bdeb12u1%3Fdistro=trixie

url pkg:deb/debian/python-tornado@6.2.0-3%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/python-tornado@6.2.0-3%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-27x3-ch78-8ueh

vulnerability	VCID-be89-uuxa-fyb5

vulnerability	VCID-g13r-ansu-27av

vulnerability	VCID-nq24-395d-wuar

vulnerability	VCID-y1z8-z2f1-mqg7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-tornado@6.2.0-3%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/python-tornado@6.3.2-1?distro=trixie
purl	pkg:deb/debian/python-tornado@6.3.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-tornado@6.3.2-1%3Fdistro=trixie

url pkg:deb/debian/python-tornado@6.4.2-3?distro=trixie

purl pkg:deb/debian/python-tornado@6.4.2-3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-27x3-ch78-8ueh

vulnerability	VCID-be89-uuxa-fyb5

vulnerability	VCID-g13r-ansu-27av

vulnerability	VCID-nq24-395d-wuar

vulnerability	VCID-y1z8-z2f1-mqg7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-tornado@6.4.2-3%3Fdistro=trixie

url pkg:deb/debian/python-tornado@6.5.4-1?distro=trixie

purl pkg:deb/debian/python-tornado@6.5.4-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-be89-uuxa-fyb5

vulnerability	VCID-nq24-395d-wuar

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-tornado@6.5.4-1%3Fdistro=trixie

url	pkg:deb/debian/python-tornado@6.5.5-1?distro=trixie
purl	pkg:deb/debian/python-tornado@6.5.5-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-tornado@6.5.5-1%3Fdistro=trixie

aliases CVE-2023-28370, GHSA-hj3f-6gcp-jg8j, PYSEC-2023-75

risk_score 3.4

exploitability 0.5

weighted_severity 6.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6knn-nt2y-1uem

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-tornado@6.2.0-3%252Bdeb12u1%3Fdistro=trixie

Package Instance