Vulnerability-Lookup

CVE-2024-52804 (GCVE-0-2024-52804)

Vulnerability from cvelistv5 – Published: 2024-11-22 15:43 – Updated: 2025-11-03 22:28

Title

Tornado has HTTP cookie parsing DoS vulnerability

Summary

Tornado is a Python web framework and asynchronous networking library. The algorithm used for parsing HTTP cookies in Tornado versions prior to 6.4.2 sometimes has quadratic complexity, leading to excessive CPU consumption when parsing maliciously-crafted cookie headers. This parsing occurs in the event loop thread and may block the processing of other requests. Version 6.4.2 fixes the issue.

Severity ?

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-400 - Uncontrolled Resource Consumption
CWE-770 - Allocation of Resources Without Limits or Throttling

Assigner

GitHub_M

References

URL

Tags

	https://github.com/tornadoweb/tornado/security/ad…	x_refsource_CONFIRM
	https://github.com/tornadoweb/tornado/commit/d5ba…	x_refsource_MISC
	https://github.com/advisories/GHSA-7pwv-g7hj-39pr	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	tornadoweb	tornado	Affected: < 6.4.2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:tornadoweb:tornado:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "tornado",
            "vendor": "tornadoweb",
            "versions": [
              {
                "lessThan": "6.4.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-52804",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-25T17:54:41.084248Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-25T17:55:43.782Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T22:28:40.235Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00000.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "tornado",
          "vendor": "tornadoweb",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 6.4.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Tornado is a Python web framework and asynchronous networking library. The algorithm used for parsing HTTP cookies in Tornado versions prior to 6.4.2 sometimes has quadratic complexity, leading to excessive CPU consumption when parsing maliciously-crafted cookie headers. This parsing occurs in the event loop thread and may block the processing of other requests. Version 6.4.2 fixes the issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400: Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-770",
              "description": "CWE-770: Allocation of Resources Without Limits or Throttling",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-22T15:43:38.572Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/tornadoweb/tornado/security/advisories/GHSA-8w49-h785-mj3c",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/tornadoweb/tornado/security/advisories/GHSA-8w49-h785-mj3c"
        },
        {
          "name": "https://github.com/tornadoweb/tornado/commit/d5ba4a1695fbf7c6a3e54313262639b198291533",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/tornadoweb/tornado/commit/d5ba4a1695fbf7c6a3e54313262639b198291533"
        },
        {
          "name": "https://github.com/advisories/GHSA-7pwv-g7hj-39pr",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/advisories/GHSA-7pwv-g7hj-39pr"
        }
      ],
      "source": {
        "advisory": "GHSA-8w49-h785-mj3c",
        "discovery": "UNKNOWN"
      },
      "title": "Tornado has HTTP cookie parsing DoS vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2024-52804",
    "datePublished": "2024-11-22T15:43:38.572Z",
    "dateReserved": "2024-11-15T17:11:13.441Z",
    "dateUpdated": "2025-11-03T22:28:40.235Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-52804\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-11-25T17:54:41.084248Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:tornadoweb:tornado:*:*:*:*:*:*:*:*\"], \"vendor\": \"tornadoweb\", \"product\": \"tornado\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"6.4.2\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-25T17:55:37.644Z\"}}], \"cna\": {\"title\": \"Tornado has HTTP cookie parsing DoS vulnerability\", \"source\": {\"advisory\": \"GHSA-8w49-h785-mj3c\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"tornadoweb\", \"product\": \"tornado\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 6.4.2\"}]}], \"references\": [{\"url\": \"https://github.com/tornadoweb/tornado/security/advisories/GHSA-8w49-h785-mj3c\", \"name\": \"https://github.com/tornadoweb/tornado/security/advisories/GHSA-8w49-h785-mj3c\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/tornadoweb/tornado/commit/d5ba4a1695fbf7c6a3e54313262639b198291533\", \"name\": \"https://github.com/tornadoweb/tornado/commit/d5ba4a1695fbf7c6a3e54313262639b198291533\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/advisories/GHSA-7pwv-g7hj-39pr\", \"name\": \"https://github.com/advisories/GHSA-7pwv-g7hj-39pr\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Tornado is a Python web framework and asynchronous networking library. The algorithm used for parsing HTTP cookies in Tornado versions prior to 6.4.2 sometimes has quadratic complexity, leading to excessive CPU consumption when parsing maliciously-crafted cookie headers. This parsing occurs in the event loop thread and may block the processing of other requests. Version 6.4.2 fixes the issue.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-400\", \"description\": \"CWE-400: Uncontrolled Resource Consumption\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-770\", \"description\": \"CWE-770: Allocation of Resources Without Limits or Throttling\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2024-11-22T15:43:38.572Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-52804\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-11-25T17:55:43.782Z\", \"dateReserved\": \"2024-11-15T17:11:13.441Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2024-11-22T15:43:38.572Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

CVE-2024-52804

Vulnerability from fstec - Published: 22.11.2024

Title

Уязвимость асинхронной сетевой библиотеки Tornado, связанная с неконтролируемым расходом ресурсов, позволяющая нарушителю вызвать отказ в обслуживании

Description

Уязвимость асинхронной сетевой библиотеки Tornado связана с неконтролируемым расходом ресурсов. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, вызвать отказ в обслуживании

Severity ?


                    
                      AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Vendor

Novell Inc., Сообщество свободного программного обеспечения, ООО «Ред Софт», ООО «РусБИТех-Астра», Red Hat Inc., FriendFeed

Software Name

OpenSUSE Leap, openSUSE Tumbleweed, Debian GNU/Linux, РЕД ОС (запись в едином реестре российских программ №3751), Astra Linux Special Edition (запись в едином реестре российских программ №369), Red Hat Enterprise Linux, SUSE Linux Enterprise Server for SAP Applications, Suse Linux Enterprise Server, Suse Linux Enterprise Desktop, SUSE Linux Enterprise High Performance Computing, Astra Linux Common Edition (запись в едином реестре российских программ №4433), SUSE Liberty Linux, SUSE Linux Enterprise Module for Python 3, Tornado

Software Version

15.5 (OpenSUSE Leap), - (openSUSE Tumbleweed), 11 (Debian GNU/Linux), 12 (Debian GNU/Linux), 7.3 (РЕД ОС), 1.7 (Astra Linux Special Edition), 4.7 (Astra Linux Special Edition), 9 (Red Hat Enterprise Linux), 15 SP5 (SUSE Linux Enterprise Server for SAP Applications), 15 SP5 (Suse Linux Enterprise Server), 15 SP5 (Suse Linux Enterprise Desktop), 15 SP5 (SUSE Linux Enterprise High Performance Computing), 1.6 «Смоленск» (Astra Linux Common Edition), 9 (SUSE Liberty Linux), 9.2 Extended Update Support (Red Hat Enterprise Linux), 15 SP6 (Suse Linux Enterprise Desktop), 15 SP6 (Suse Linux Enterprise Server), 15 SP6 (SUSE Linux Enterprise Server for SAP Applications), 15 SP6 (SUSE Linux Enterprise High Performance Computing), 15.6 (OpenSUSE Leap), 1.8 (Astra Linux Special Edition), 9.4 Extended Update Support (Red Hat Enterprise Linux), 15 SP5 (SUSE Linux Enterprise Module for Python 3), 15 SP6 (SUSE Linux Enterprise Module for Python 3), до 6.4.1 включительно (Tornado)

Possible Mitigations

Использование рекомендаций: https://github.com/advisories/GHSA-7pwv-g7hj-39pr_x0001_ https://github.com/tornadoweb/tornado/commit/d5ba4a1695fbf7c6a3e54313262639b198291533_x0001_ https://github.com/tornadoweb/tornado/security/advisories/GHSA-8w49-h785-mj3c Для РедОС: https://redos.red-soft.ru/support/secure/uyazvimosti/uyazvimost-python3-tornado-cve-2024-52804/?sphrase_id=643964 Для Debian GNU/Linux: https://security-tracker.debian.org/tracker/CVE-2024-52804 Для программных продуктов Red Hat Inc.: https://access.redhat.com/security/cve/cve-2024-52804 Для программных продуктов Novell Inc.: https://www.suse.com/security/cve/CVE-2024-52804.html Для ОС Astra Linux: обновить пакет python-tornado до 5.1.1-4.astra1 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2025-0319SE17 Для ОС Astra Linux: обновить пакет python-tornado до 6.2.0-3.astra2 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0411SE18 Для ОС Astra Linux: обновить пакет python-tornado до 5.1.1-4.astra1 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2025-0422SE47 Для ОС Astra Linux: обновить пакет python-tornado до 4.4.3-1+deb9u1+astra1 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20251225SE16

Reference

https://redos.red-soft.ru/support/secure/ https://redos.red-soft.ru/support/secure/uyazvimosti/uyazvimost-python3-tornado-cve-2024-52804/?sphrase_id=643964 https://github.com/advisories/GHSA-7pwv-g7hj-39pr_x0001_ https://github.com/tornadoweb/tornado/commit/d5ba4a1695fbf7c6a3e54313262639b198291533_x0001_ https://github.com/tornadoweb/tornado/security/advisories/GHSA-8w49-h785-mj3c https://security-tracker.debian.org/tracker/CVE-2024-52804 https://access.redhat.com/security/cve/cve-2024-52804 https://www.suse.com/security/cve/CVE-2024-52804.html https://wiki.astralinux.ru/astra-linux-se17-bulletin-2025-0319SE17 https://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0411SE18 https://wiki.astralinux.ru/astra-linux-se47-bulletin-2025-0422SE47 https://wiki.astralinux.ru/astra-linux-se16-bulletin-20251225SE16

CWE

CWE-400

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
  "CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Novell Inc., \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb, \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, Red Hat Inc., FriendFeed",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "15.5 (OpenSUSE Leap), - (openSUSE Tumbleweed), 11 (Debian GNU/Linux), 12 (Debian GNU/Linux), 7.3 (\u0420\u0415\u0414 \u041e\u0421), 1.7 (Astra Linux Special Edition), 4.7 (Astra Linux Special Edition), 9 (Red Hat Enterprise Linux), 15 SP5 (SUSE Linux Enterprise Server for SAP Applications), 15 SP5 (Suse Linux Enterprise Server), 15 SP5 (Suse Linux Enterprise Desktop), 15 SP5 (SUSE Linux Enterprise High Performance Computing), 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (Astra Linux Common Edition), 9 (SUSE Liberty Linux), 9.2 Extended Update Support (Red Hat Enterprise Linux), 15 SP6 (Suse Linux Enterprise Desktop), 15 SP6 (Suse Linux Enterprise Server), 15 SP6 (SUSE Linux Enterprise Server for SAP Applications), 15 SP6 (SUSE Linux Enterprise High Performance Computing), 15.6 (OpenSUSE Leap), 1.8 (Astra Linux Special Edition), 9.4 Extended Update Support (Red Hat Enterprise Linux), 15 SP5 (SUSE Linux Enterprise Module for Python 3), 15 SP6 (SUSE Linux Enterprise Module for Python 3), \u0434\u043e 6.4.1 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Tornado)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://github.com/advisories/GHSA-7pwv-g7hj-39pr_x0001_\nhttps://github.com/tornadoweb/tornado/commit/d5ba4a1695fbf7c6a3e54313262639b198291533_x0001_\nhttps://github.com/tornadoweb/tornado/security/advisories/GHSA-8w49-h785-mj3c\n\n\u0414\u043b\u044f \u0420\u0435\u0434\u041e\u0421: \nhttps://redos.red-soft.ru/support/secure/uyazvimosti/uyazvimost-python3-tornado-cve-2024-52804/?sphrase_id=643964\n\n\u0414\u043b\u044f Debian GNU/Linux:\nhttps://security-tracker.debian.org/tracker/CVE-2024-52804\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Red Hat Inc.:\nhttps://access.redhat.com/security/cve/cve-2024-52804\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Novell Inc.:\nhttps://www.suse.com/security/cve/CVE-2024-52804.html\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 python-tornado \u0434\u043e 5.1.1-4.astra1 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2025-0319SE17\n\n\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 python-tornado \u0434\u043e 6.2.0-3.astra2 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0411SE18\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 python-tornado \u0434\u043e 5.1.1-4.astra1 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2025-0422SE47\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 python-tornado \u0434\u043e 4.4.3-1+deb9u1+astra1 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20251225SE16",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "22.11.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "20.01.2026",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "31.01.2025",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2025-00918",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2024-52804",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "OpenSUSE Leap, openSUSE Tumbleweed, Debian GNU/Linux, \u0420\u0415\u0414 \u041e\u0421 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Red Hat Enterprise Linux, SUSE Linux Enterprise Server for SAP Applications, Suse Linux Enterprise Server, Suse Linux Enterprise Desktop, SUSE Linux Enterprise High Performance Computing, Astra Linux Common Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164433), SUSE Liberty Linux, SUSE Linux Enterprise Module for Python 3, Tornado",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Novell Inc. OpenSUSE Leap 15.5 , Novell Inc. openSUSE Tumbleweed - , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 11 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 12 , \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb \u0420\u0415\u0414 \u041e\u0421 7.3  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.7  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 4.7  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Red Hat Inc. Red Hat Enterprise Linux 9 , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 15 SP5 , Novell Inc. Suse Linux Enterprise Server 15 SP5 , Novell Inc. Suse Linux Enterprise Desktop 15 SP5 , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Common Edition 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164433), Novell Inc. SUSE Liberty Linux 9 , Red Hat Inc. Red Hat Enterprise Linux 9.2 Extended Update Support , Novell Inc. Suse Linux Enterprise Desktop 15 SP6 , Novell Inc. Suse Linux Enterprise Server 15 SP6 , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 15 SP6 , Novell Inc. OpenSUSE Leap 15.6 , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.8  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Red Hat Inc. Red Hat Enterprise Linux 9.4 Extended Update Support ",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0430\u0441\u0438\u043d\u0445\u0440\u043e\u043d\u043d\u043e\u0439 \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 Tornado, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043d\u0435\u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u0443\u0435\u043c\u044b\u043c \u0440\u0430\u0441\u0445\u043e\u0434\u043e\u043c \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u0443\u0435\u043c\u044b\u0439 \u0440\u0430\u0441\u0445\u043e\u0434 \u0440\u0435\u0441\u0443\u0440\u0441\u0430 (\u00ab\u0418\u0441\u0442\u043e\u0449\u0435\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u00bb) (CWE-400)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0430\u0441\u0438\u043d\u0445\u0440\u043e\u043d\u043d\u043e\u0439 \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 Tornado \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u0443\u0435\u043c\u044b\u043c \u0440\u0430\u0441\u0445\u043e\u0434\u043e\u043c \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0418\u0441\u0447\u0435\u0440\u043f\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://redos.red-soft.ru/support/secure/\nhttps://redos.red-soft.ru/support/secure/uyazvimosti/uyazvimost-python3-tornado-cve-2024-52804/?sphrase_id=643964\nhttps://github.com/advisories/GHSA-7pwv-g7hj-39pr_x0001_\nhttps://github.com/tornadoweb/tornado/commit/d5ba4a1695fbf7c6a3e54313262639b198291533_x0001_\nhttps://github.com/tornadoweb/tornado/security/advisories/GHSA-8w49-h785-mj3c\nhttps://security-tracker.debian.org/tracker/CVE-2024-52804\nhttps://access.redhat.com/security/cve/cve-2024-52804\nhttps://www.suse.com/security/cve/CVE-2024-52804.html\nhttps://wiki.astralinux.ru/astra-linux-se17-bulletin-2025-0319SE17\nhttps://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0411SE18\nhttps://wiki.astralinux.ru/astra-linux-se47-bulletin-2025-0422SE47\nhttps://wiki.astralinux.ru/astra-linux-se16-bulletin-20251225SE16",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-400",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,8)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,5)"
}

cve-2024-52804

Vulnerability from osv_almalinux

Published

2024-12-02 00:00

Modified

2024-12-03 08:37

Summary

Important: python-tornado security update

Details

Tornado is a Python web framework and asynchronous networking library that provides an open source version of scalable, non-blocking web server and tools.

Security Fix(es):

python-tornado: Tornado has HTTP cookie parsing DoS vulnerability (CVE-2024-52804)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "AlmaLinux:9",
        "name": "python3-tornado"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.4.2-1.el9_5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "details": "Tornado is a Python web framework and asynchronous networking library that provides an open source version of scalable, non-blocking web server and tools.  \n\nSecurity Fix(es):  \n\n  * python-tornado: Tornado has HTTP cookie parsing DoS vulnerability (CVE-2024-52804)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n",
  "id": "ALSA-2024:10590",
  "modified": "2024-12-03T08:37:48Z",
  "published": "2024-12-02T00:00:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://access.redhat.com/errata/RHSA-2024:10590"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2024-52804"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2328045"
    },
    {
      "type": "ADVISORY",
      "url": "https://errata.almalinux.org/9/ALSA-2024-10590.html"
    }
  ],
  "related": [
    "CVE-2024-52804"
  ],
  "summary": "Important: python-tornado security update"
}

CERTFR-2025-AVI-0563

Vulnerability from certfr_avis - Published: 2025-07-08 - Updated: 2025-07-08

De multiples vulnérabilités ont été découvertes dans les produits Splunk. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Splunk	Splunk Enterprise	Splunk Enterprise Cloud versions 9.3.2411.x antérieures à 9.3.2411.107
Splunk	SOAR	Splunk SOAR versions antérieures à 6.4.1
Splunk	Splunk Enterprise	Splunk Enterprise versions 9.4.x antérieures à 9.4.3
Splunk	Universal Forwarder	Splunk Universal Forwarder versions 9.2.x antérieures à 9.2.7
Splunk	Splunk Enterprise	Splunk Enterprise versions 9.3.x antérieures à 9.3.5
Splunk	Splunk DB Connect	Splunk DB Connect versions antérieures à 4.0.0
Splunk	Universal Forwarder	Splunk Universal Forwarder versions 9.3.x antérieures à 9.3.5
Splunk	Universal Forwarder	Splunk Universal Forwarder versions 9.4.x antérieures à 9.4.3
Splunk	Splunk Enterprise	Splunk Enterprise Cloud versions 9.3.2408.x antérieures à 9.3.2408.117
Splunk	Splunk Enterprise	Splunk Enterprise versions 9.1.x antérieures à 9.1.10
Splunk	Splunk Enterprise	Splunk Enterprise versions 9.2.x antérieures à 9.2.7
Splunk	Splunk Enterprise	Splunk Enterprise Cloud versions 9.2.2406.x antérieures à 9.2.2406.121
Splunk	Universal Forwarder	Splunk Universal Forwarder versions 9.1.x antérieures à 9.1.10

References

Title

Publication Time

Tags

Bulletin de sécurité Splunk SVD-2025-0708	2025-07-07	vendor-advisory
Bulletin de sécurité Splunk SVD-2025-0703	2025-07-07	vendor-advisory
Bulletin de sécurité Splunk SVD-2025-0701	2025-07-07	vendor-advisory
Bulletin de sécurité Splunk SVD-2025-0706	2025-07-07	vendor-advisory
Bulletin de sécurité Splunk SVD-2025-0705	2025-07-07	vendor-advisory
Bulletin de sécurité Splunk SVD-2025-0702	2025-07-07	vendor-advisory
Bulletin de sécurité Splunk SVD-2025-0712	2025-07-07	vendor-advisory
Bulletin de sécurité Splunk SVD-2025-0711	2025-07-07	vendor-advisory
Bulletin de sécurité Splunk SVD-2025-0707	2025-07-07	vendor-advisory
Bulletin de sécurité Splunk SVD-2025-0710	2025-07-07	vendor-advisory
Bulletin de sécurité Splunk SVD-2025-0709	2025-07-07	vendor-advisory
Bulletin de sécurité Splunk SVD-2025-0704	2025-07-07	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Splunk Enterprise Cloud versions 9.3.2411.x ant\u00e9rieures \u00e0 9.3.2411.107",
      "product": {
        "name": "Splunk Enterprise",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk SOAR versions ant\u00e9rieures \u00e0 6.4.1",
      "product": {
        "name": "SOAR",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk Enterprise versions 9.4.x ant\u00e9rieures \u00e0 9.4.3",
      "product": {
        "name": "Splunk Enterprise",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk Universal Forwarder versions 9.2.x ant\u00e9rieures \u00e0 9.2.7",
      "product": {
        "name": "Universal Forwarder",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk Enterprise versions 9.3.x ant\u00e9rieures \u00e0 9.3.5",
      "product": {
        "name": "Splunk Enterprise",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk DB Connect versions ant\u00e9rieures \u00e0 4.0.0",
      "product": {
        "name": "Splunk DB Connect",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk Universal Forwarder versions 9.3.x ant\u00e9rieures \u00e0 9.3.5",
      "product": {
        "name": "Universal Forwarder",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk Universal Forwarder versions 9.4.x ant\u00e9rieures \u00e0 9.4.3",
      "product": {
        "name": "Universal Forwarder",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk Enterprise Cloud versions 9.3.2408.x ant\u00e9rieures \u00e0 9.3.2408.117",
      "product": {
        "name": "Splunk Enterprise",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk Enterprise versions 9.1.x ant\u00e9rieures \u00e0 9.1.10",
      "product": {
        "name": "Splunk Enterprise",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk Enterprise versions 9.2.x ant\u00e9rieures \u00e0 9.2.7",
      "product": {
        "name": "Splunk Enterprise",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk Enterprise Cloud versions 9.2.2406.x ant\u00e9rieures \u00e0 9.2.2406.121",
      "product": {
        "name": "Splunk Enterprise",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk Universal Forwarder versions 9.1.x ant\u00e9rieures \u00e0 9.1.10",
      "product": {
        "name": "Universal Forwarder",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2024-9681",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9681"
    },
    {
      "name": "CVE-2022-30187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30187"
    },
    {
      "name": "CVE-2024-12797",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-12797"
    },
    {
      "name": "CVE-2024-2466",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-2466"
    },
    {
      "name": "CVE-2025-27414",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-27414"
    },
    {
      "name": "CVE-2025-20324",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20324"
    },
    {
      "name": "CVE-2025-23388",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23388"
    },
    {
      "name": "CVE-2024-13176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
    },
    {
      "name": "CVE-2025-20319",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20319"
    },
    {
      "name": "CVE-2024-29857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
    },
    {
      "name": "CVE-2023-5363",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
    },
    {
      "name": "CVE-2020-28458",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-28458"
    },
    {
      "name": "CVE-2025-20321",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20321"
    },
    {
      "name": "CVE-2024-45338",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45338"
    },
    {
      "name": "CVE-2025-20325",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20325"
    },
    {
      "name": "CVE-2024-11053",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11053"
    },
    {
      "name": "CVE-2025-23387",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23387"
    },
    {
      "name": "CVE-2024-7264",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
    },
    {
      "name": "CVE-2021-23445",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-23445"
    },
    {
      "name": "CVE-2024-48949",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-48949"
    },
    {
      "name": "CVE-2025-23389",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23389"
    },
    {
      "name": "CVE-2024-21538",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21538"
    },
    {
      "name": "CVE-2022-35583",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-35583"
    },
    {
      "name": "CVE-2025-22868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
    },
    {
      "name": "CVE-2024-52804",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-52804"
    },
    {
      "name": "CVE-2025-20300",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20300"
    },
    {
      "name": "CVE-2024-45801",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45801"
    },
    {
      "name": "CVE-2024-45337",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
    },
    {
      "name": "CVE-2025-20323",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20323"
    },
    {
      "name": "CVE-2024-9143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
    },
    {
      "name": "CVE-2024-38999",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38999"
    },
    {
      "name": "CVE-2025-20320",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20320"
    },
    {
      "name": "CVE-2024-2398",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
    },
    {
      "name": "CVE-2024-45230",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45230"
    },
    {
      "name": "CVE-2024-49767",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49767"
    },
    {
      "name": "CVE-2024-47875",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47875"
    },
    {
      "name": "CVE-2025-20322",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-20322"
    },
    {
      "name": "CVE-2024-21272",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21272"
    },
    {
      "name": "CVE-2025-22869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
    },
    {
      "name": "CVE-2024-8096",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8096"
    },
    {
      "name": "CVE-2025-22870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
    },
    {
      "name": "CVE-2024-39338",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39338"
    },
    {
      "name": "CVE-2024-21090",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21090"
    },
    {
      "name": "CVE-2013-7489",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-7489"
    },
    {
      "name": "CVE-2025-27789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-27789"
    },
    {
      "name": "CVE-2025-0725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0725"
    },
    {
      "name": "CVE-2024-34064",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-34064"
    },
    {
      "name": "CVE-2024-52616",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-52616"
    },
    {
      "name": "CVE-2024-0853",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0853"
    },
    {
      "name": "CVE-2025-22952",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22952"
    },
    {
      "name": "CVE-2024-32002",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32002"
    },
    {
      "name": "CVE-2025-0167",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0167"
    },
    {
      "name": "CVE-2024-6345",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
    }
  ],
  "initial_release_date": "2025-07-08T00:00:00",
  "last_revision_date": "2025-07-08T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-0563",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-07-08T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Splunk. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Splunk",
  "vendor_advisories": [
    {
      "published_at": "2025-07-07",
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0708",
      "url": "https://advisory.splunk.com/advisories/SVD-2025-0708"
    },
    {
      "published_at": "2025-07-07",
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0703",
      "url": "https://advisory.splunk.com/advisories/SVD-2025-0703"
    },
    {
      "published_at": "2025-07-07",
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0701",
      "url": "https://advisory.splunk.com/advisories/SVD-2025-0701"
    },
    {
      "published_at": "2025-07-07",
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0706",
      "url": "https://advisory.splunk.com/advisories/SVD-2025-0706"
    },
    {
      "published_at": "2025-07-07",
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0705",
      "url": "https://advisory.splunk.com/advisories/SVD-2025-0705"
    },
    {
      "published_at": "2025-07-07",
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0702",
      "url": "https://advisory.splunk.com/advisories/SVD-2025-0702"
    },
    {
      "published_at": "2025-07-07",
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0712",
      "url": "https://advisory.splunk.com/advisories/SVD-2025-0712"
    },
    {
      "published_at": "2025-07-07",
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0711",
      "url": "https://advisory.splunk.com/advisories/SVD-2025-0711"
    },
    {
      "published_at": "2025-07-07",
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0707",
      "url": "https://advisory.splunk.com/advisories/SVD-2025-0707"
    },
    {
      "published_at": "2025-07-07",
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0710",
      "url": "https://advisory.splunk.com/advisories/SVD-2025-0710"
    },
    {
      "published_at": "2025-07-07",
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0709",
      "url": "https://advisory.splunk.com/advisories/SVD-2025-0709"
    },
    {
      "published_at": "2025-07-07",
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0704",
      "url": "https://advisory.splunk.com/advisories/SVD-2025-0704"
    }
  ]
}

CERTFR-2025-AVI-0303

Vulnerability from certfr_avis - Published: 2025-04-10 - Updated: 2025-04-10

De multiples vulnérabilités ont été découvertes dans les produits Splunk. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Splunk	Splunk SDK for JavaScript	Splunk SDK for JavaScript versions antérieures à 2.0.1
Splunk	Splunk Connect for Syslog	Splunk Connect for Syslog versions antérieures à 3.34.3
Splunk	N/A	Splunk sans les derniers correctifs de sécurité

References

Title

Publication Time

Tags

Bulletin de sécurité Splunk SVD-2025-0408	2025-04-09	vendor-advisory
Bulletin de sécurité Splunk SVD-2025-0417	2025-04-09	vendor-advisory
Bulletin de sécurité Splunk SVD-2025-0404	2025-04-09	vendor-advisory
Bulletin de sécurité Splunk SVD-2025-0413	2025-04-09	vendor-advisory
Bulletin de sécurité Splunk SVD-2025-0407	2025-04-09	vendor-advisory
Bulletin de sécurité Splunk SVD-2025-0415	2025-04-09	vendor-advisory
Bulletin de sécurité Splunk SVD-2025-0409	2025-04-09	vendor-advisory
Bulletin de sécurité Splunk SVD-2025-0406	2025-04-09	vendor-advisory
Bulletin de sécurité Splunk SVD-2025-0414	2025-04-09	vendor-advisory
Bulletin de sécurité Splunk SVD-2025-0403	2025-04-09	vendor-advisory
Bulletin de sécurité Splunk SVD-2025-0411	2025-04-09	vendor-advisory
Bulletin de sécurité Splunk SVD-2025-0410	2025-04-09	vendor-advisory
Bulletin de sécurité Splunk SVD-2025-0416	2025-04-09	vendor-advisory
Bulletin de sécurité Splunk SVD-2025-0412	2025-04-09	vendor-advisory
Bulletin de sécurité Splunk SVD-2025-0405	2025-04-09	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Splunk SDK for JavaScript versions ant\u00e9rieures \u00e0 2.0.1",
      "product": {
        "name": "Splunk SDK for JavaScript",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk Connect for Syslog versions ant\u00e9rieures \u00e0 3.34.3",
      "product": {
        "name": "Splunk Connect for Syslog",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk sans les derniers correctifs de s\u00e9curit\u00e9",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2024-47764",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47764"
    },
    {
      "name": "CVE-2024-53899",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53899"
    },
    {
      "name": "CVE-2024-52804",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-52804"
    },
    {
      "name": "CVE-2022-2309",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2309"
    },
    {
      "name": "CVE-2022-37434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-37434"
    },
    {
      "name": "CVE-2023-43804",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-43804"
    },
    {
      "name": "CVE-2020-28196",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-28196"
    },
    {
      "name": "CVE-2021-30560",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30560"
    },
    {
      "name": "CVE-2024-39689",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-39689"
    },
    {
      "name": "CVE-2022-23491",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23491"
    }
  ],
  "initial_release_date": "2025-04-10T00:00:00",
  "last_revision_date": "2025-04-10T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-0303",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-04-10T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Splunk. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Splunk",
  "vendor_advisories": [
    {
      "published_at": "2025-04-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0408",
      "url": "https://advisory.splunk.com/advisories/SVD-2025-0408"
    },
    {
      "published_at": "2025-04-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0417",
      "url": "https://advisory.splunk.com/advisories/SVD-2025-0417"
    },
    {
      "published_at": "2025-04-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0404",
      "url": "https://advisory.splunk.com/advisories/SVD-2025-0404"
    },
    {
      "published_at": "2025-04-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0413",
      "url": "https://advisory.splunk.com/advisories/SVD-2025-0413"
    },
    {
      "published_at": "2025-04-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0407",
      "url": "https://advisory.splunk.com/advisories/SVD-2025-0407"
    },
    {
      "published_at": "2025-04-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0415",
      "url": "https://advisory.splunk.com/advisories/SVD-2025-0415"
    },
    {
      "published_at": "2025-04-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0409",
      "url": "https://advisory.splunk.com/advisories/SVD-2025-0409"
    },
    {
      "published_at": "2025-04-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0406",
      "url": "https://advisory.splunk.com/advisories/SVD-2025-0406"
    },
    {
      "published_at": "2025-04-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0414",
      "url": "https://advisory.splunk.com/advisories/SVD-2025-0414"
    },
    {
      "published_at": "2025-04-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0403",
      "url": "https://advisory.splunk.com/advisories/SVD-2025-0403"
    },
    {
      "published_at": "2025-04-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0411",
      "url": "https://advisory.splunk.com/advisories/SVD-2025-0411"
    },
    {
      "published_at": "2025-04-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0410",
      "url": "https://advisory.splunk.com/advisories/SVD-2025-0410"
    },
    {
      "published_at": "2025-04-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0416",
      "url": "https://advisory.splunk.com/advisories/SVD-2025-0416"
    },
    {
      "published_at": "2025-04-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0412",
      "url": "https://advisory.splunk.com/advisories/SVD-2025-0412"
    },
    {
      "published_at": "2025-04-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2025-0405",
      "url": "https://advisory.splunk.com/advisories/SVD-2025-0405"
    }
  ]
}

FKIE_CVE-2024-52804

Vulnerability from fkie_nvd - Published: 2024-11-22 16:15 - Updated: 2025-11-03 23:17

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
security-advisories@github.com	https://github.com/advisories/GHSA-7pwv-g7hj-39pr	Not Applicable
security-advisories@github.com	https://github.com/tornadoweb/tornado/commit/d5ba4a1695fbf7c6a3e54313262639b198291533	Patch
security-advisories@github.com	https://github.com/tornadoweb/tornado/security/advisories/GHSA-8w49-h785-mj3c	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2025/01/msg00000.html

Impacted products

	Vendor	Product	Version
	tornadoweb	tornado	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:tornadoweb:tornado:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F76085D-6918-4959-959D-9B8A0DFD4724",
              "versionEndExcluding": "6.4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Tornado is a Python web framework and asynchronous networking library. The algorithm used for parsing HTTP cookies in Tornado versions prior to 6.4.2 sometimes has quadratic complexity, leading to excessive CPU consumption when parsing maliciously-crafted cookie headers. This parsing occurs in the event loop thread and may block the processing of other requests. Version 6.4.2 fixes the issue."
    },
    {
      "lang": "es",
      "value": "Tornado es un framework web de Python y una librer\u00eda de redes asincr\u00f3nicas. El algoritmo utilizado para analizar las cookies HTTP en las versiones de Tornado anteriores a la 6.4.2 a veces tiene una complejidad cuadr\u00e1tica, lo que genera un consumo excesivo de CPU al analizar encabezados de cookies manipulado con fines malintencionados. Este an\u00e1lisis se produce en el hilo del bucle de eventos y puede bloquear el procesamiento de otras solicitudes. La versi\u00f3n 6.4.2 soluciona el problema."
    }
  ],
  "id": "CVE-2024-52804",
  "lastModified": "2025-11-03T23:17:15.537",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-11-22T16:15:34.417",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Not Applicable"
      ],
      "url": "https://github.com/advisories/GHSA-7pwv-g7hj-39pr"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/tornadoweb/tornado/commit/d5ba4a1695fbf7c6a3e54313262639b198291533"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/tornadoweb/tornado/security/advisories/GHSA-8w49-h785-mj3c"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00000.html"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        },
        {
          "lang": "en",
          "value": "CWE-770"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    }
  ]
}

GHSA-8W49-H785-MJ3C

Vulnerability from github – Published: 2024-11-22 20:26 – Updated: 2025-11-04 16:54

Summary

Tornado has an HTTP cookie parsing DoS vulnerability

Details

The algorithm used for parsing HTTP cookies in Tornado versions prior to 6.4.2 sometimes has quadratic complexity, leading to excessive CPU consumption when parsing maliciously-crafted cookie headers. This parsing occurs in the event loop thread and may block the processing of other requests.

See also CVE-2024-7592 for a similar vulnerability in cpython.

Severity ?

7.5 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 6.4.1"
      },
      "package": {
        "ecosystem": "PyPI",
        "name": "tornado"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "6.4.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-52804"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400",
      "CWE-770"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-11-22T20:26:41Z",
    "nvd_published_at": "2024-11-22T16:15:34Z",
    "severity": "HIGH"
  },
  "details": "The algorithm used for parsing HTTP cookies in Tornado versions prior to 6.4.2 sometimes has quadratic complexity, leading to excessive CPU consumption when parsing maliciously-crafted cookie headers. This parsing occurs in the event loop thread and may block the processing of other requests.\n\nSee also CVE-2024-7592 for a similar vulnerability in cpython.",
  "id": "GHSA-8w49-h785-mj3c",
  "modified": "2025-11-04T16:54:32Z",
  "published": "2024-11-22T20:26:41Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/tornadoweb/tornado/security/advisories/GHSA-8w49-h785-mj3c"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-52804"
    },
    {
      "type": "WEB",
      "url": "https://github.com/tornadoweb/tornado/commit/d5ba4a1695fbf7c6a3e54313262639b198291533"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/tornadoweb/tornado"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00000.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Tornado has an HTTP cookie parsing DoS vulnerability"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-52804 (GCVE-0-2024-52804)

CVE-2024-52804

cve-2024-52804

Vulnerability from osv_almalinux

CERTFR-2025-AVI-0563

Solutions

CERTFR-2025-AVI-0303

Solutions

FKIE_CVE-2024-52804

GHSA-8W49-H785-MJ3C

Tags

Sightings

Nomenclature