Bugs fixes in "yaws"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2020-24916 | CGI implementation in Yaws web server versions 1.81 to 2.0.7 is vulnerable to OS command injection. | 2020-10-05 |
| CVE | CVE-2020-24379 | WebDAV implementation in Yaws web server versions 1.81 to 2.0.7 is vulnerable to XXE injection. | 2020-10-05 |
| CVE | CVE-2020-24916 | CGI implementation in Yaws web server versions 1.81 to 2.0.7 is vulnerable to OS command injection. | 2020-10-05 |
| CVE | CVE-2020-24379 | WebDAV implementation in Yaws web server versions 1.81 to 2.0.7 is vulnerable to XXE injection. | 2020-10-05 |
| Debian | 653966 | yaws cross site scripting - Debian Bug report logs | 2012-02-16 |
| CVE | CVE-2011-5025 | Multiple cross-site scripting (XSS) vulnerabilities in the wiki application in Yaws 1.88 allow remote attackers to inject arbitrary web script or HTML | 2012-02-16 |
| Debian | 650009 | yaws vulnerable to directory traversal using ..\\ - Debian Bug report logs | 2011-12-18 |
About
-
Send Feedback to @ubuntu_updates
