| Release | Version |
|---|---|
| bullseye | 6.1.0-1 |
| bullseye (security) | 6.1.0-1+deb11u2 |
| bookworm | 6.2.0-3+deb12u2 |
| trixie | 6.4.2-3 |
| forky | 6.5.2-3 |
| sid | 6.5.2-3 |
| Bug | bullseye | bookworm | trixie | forky | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2025-67726 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | Tornado is a Python web framework and asynchronous networking library. ... |
| CVE-2025-67725 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | Tornado is a Python web framework and asynchronous networking library. ... |
| CVE-2025-67724 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | Tornado is a Python web framework and asynchronous networking library. ... |
| Bug | Description |
|---|---|
| CVE-2025-47287 | Tornado is a Python web framework and asynchronous networking library. ... |
| CVE-2024-52804 | Tornado is a Python web framework and asynchronous networking library. ... |
| CVE-2023-28370 | Open redirect vulnerability in Tornado versions 6.3.1 and earlier allo ... |
| CVE-2014-9720 | Tornado before 3.2.2 sends arbitrary responses that contain a fixed CS ... |
| CVE-2013-2099 | Algorithmic complexity vulnerability in the ssl.match_hostname functio ... |
| CVE-2012-2374 | CRLF injection vulnerability in the tornado.web.RequestHandler.set_hea ... |
| DSA / DLA | Description |
|---|---|
| DSA-5938-1 | python-tornado - security update |
| DLA-4188-1 | python-tornado - security update |
| DLA-4007-1 | python-tornado - security update |
| DLA-475-1 | python-tornado - security update |
| DLA-279-1 | python-tornado - security update |