Add CVE-2023-28370/python-tornado

author: Salvatore Bonaccorso <carnil@debian.org> 2023-05-25 22:45:30 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2023-05-25 22:45:30 +0200
commit: 0b36b8a4a2f380882504560e08df0217d3a3dd8d (patch)
tree: 2f820821b785c76cb97dc42cc8036d25075e1344
parent: 799a0328c037c7dd4be3367e3fd9b93ea24d5b6b (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/data/CVE/list b/data/CVE/list
index a3bb7dde18..ae27f5857b 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -55,7 +55,8 @@ CVE-2023-2500 (The Go Pricing - WordPress Responsive Pricing Tables plugin for W
 CVE-2023-2480 (Missing access permissions checks in M-Files Client before 23.5.12598. ...)
 	NOT-FOR-US: M-Files
 CVE-2023-28370 (Open redirect vulnerability in Tornado versions 6.3.1 and earlier allo ...)
-	TODO: check
+	- python-tornado <unfixed>
+	NOTE: https://github.com/tornadoweb/tornado/commit/32ad07c54e607839273b4e1819c347f5c8976b2f (v6.3.2)
 CVE-2023-27529 (Wacom Tablet Driver installer prior to 6.4.2-1 (for macOS) contains an ...)
 	NOT-FOR-US: Wacom Tablet Driver installer
 CVE-2023-XXXX [Block themes parsing shortcodes in user-generated data]
author	Salvatore Bonaccorso <carnil@debian.org>	2023-05-25 22:45:30 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2023-05-25 22:45:30 +0200
commit	0b36b8a4a2f380882504560e08df0217d3a3dd8d (patch)
tree	2f820821b785c76cb97dc42cc8036d25075e1344
parent	799a0328c037c7dd4be3367e3fd9b93ea24d5b6b (diff)