Skip to main content

Mondoo Vulnerability Intelligence

Curated by Mondoo Research, enhanced with AI

Resources

Search Vulnerabilities
Trending CVEs
Browse Ecosystems
Terminology
Blog

Open Source

cnquery
cnspec

Star us on GitHub!

Company

Mondoo Platform
About
Contact

© 2026 Mondoo, Inc.

Privacy Policy Terms of Service Imprint

Vulnerability Intelligence

SUSE-SU-2026:0623-1 | Mondoo Vulnerability Intelligence

Vulnerability IntelligenceSUSE-SU-2026:0623-1

SUSE-SU-2026:0623-1

UNKNOWN

Security update for python-tornado

Published Feb 25, 2026

Modified 1 weeks ago

Fix available

Details

This update for python-tornado fixes the following issues:

CVE-2025-67725: inefficient algorithm when parsing parameters for HTTP header values (bsc#1254905).
CVE-2025-67726: Denial of Service (DoS) via maliciously crafted HTTP request caused by the HTTPHeaders.add method (bsc#1254904).

Affected Packages

python-tornado

SUSE Manager Client Tools 12

Fixed in:

4.2.1-17.13.1

python3-tornado

SUSE Manager Client Tools 12

Fixed in:

4.2.1-17.13.1

References

https://bugzilla.suse.com/1254904

https://bugzilla.suse.com/1254905

https://www.suse.com/security/cve/CVE-2025-67725

https://www.suse.com/security/cve/CVE-2025-67726

https://www.suse.com/support/update/announcement/2026/suse-su-20260623-1/

Upstream

CVE-2025-67725 CVE-2025-67726

Related

CVE-2025-67725 CVE-2025-67726

Ecosystems

SUSE Manager Client Tools 12

Timeline

PublishedFeb 25, 2026

ModifiedFeb 25, 2026