In Tornado before 6.5.5, cookie attribute injection could occur because the domain, path, and samesite arguments to .RequestHandler.set_cookie were not checked for crafted characters.
The product does not properly filter, remove, quote, or otherwise manage the invalid use of special elements in user-controlled input, which could cause adverse effect on its behavior and integrity.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Tornado | Tornadoweb | * | 6.5.5 (excluding) |
| Red Hat Enterprise Linux 10 | RedHat | python-tornado-0:6.5.5-1.el10_1.1 | * |
| Red Hat Enterprise Linux 10 | RedHat | python-tornado-0:6.5.5-1.el10_2 | * |
| Red Hat Enterprise Linux 10.0 Extended Update Support | RedHat | python-tornado-0:6.4.2-1.el10_0.2 | * |
| Red Hat Enterprise Linux 7 Extended Lifecycle Support | RedHat | python-tornado-0:4.2.1-5.el7_9.3 | * |
| Red Hat Enterprise Linux 9 | RedHat | python-tornado-0:6.5.5-1.el9_7.1 | * |
| Red Hat Enterprise Linux 9 | RedHat | python-tornado-0:6.5.5-1.el9_8 | * |
| Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions | RedHat | python-tornado-0:6.4.2-1.el9_2.2 | * |
| Red Hat Enterprise Linux 9.4 Extended Update Support | RedHat | python-tornado-0:6.4.2-1.el9_4.2 | * |
| Red Hat Enterprise Linux 9.6 Extended Update Support | RedHat | python-tornado-0:6.4.2-2.el9_6.3 | * |
| Python-tornado | Ubuntu | devel | * |
| Python-tornado | Ubuntu | esm-apps/bionic | * |
| Python-tornado | Ubuntu | esm-apps/focal | * |
| Python-tornado | Ubuntu | esm-apps/jammy | * |
| Python-tornado | Ubuntu | esm-infra-legacy/xenial | * |
| Python-tornado | Ubuntu | esm-infra/xenial | * |
| Python-tornado | Ubuntu | jammy | * |
| Python-tornado | Ubuntu | noble | * |
| Python-tornado | Ubuntu | questing | * |
| Python-tornado | Ubuntu | resolute | * |
| Python-tornado | Ubuntu | upstream | * |