Information on source package yaws

Available versions

ReleaseVersion
stretch2.0.4+dfsg-1
buster2.0.6+dfsg-1
bullseye2.0.7+dfsg-2
sid2.0.7+dfsg-2

Open unimportant issues

BugstretchbusterbullseyesidDescription
CVE-2009-4495vulnerablevulnerablevulnerablevulnerableYaws 1.85 writes data to a log file without sanitizing non-printable c ...

Resolved issues

BugDescription
CVE-2017-10974Yaws 1.91 allows Unauthenticated Remote File Disclosure via HTTP Direc ...
CVE-2016-1000108yaws before 2.0.4 does not attempt to address RFC 3875 section 4.1.18 ...
CVE-2011-5025Multiple cross-site scripting (XSS) vulnerabilities in the wiki applic ...
CVE-2011-4350Yaws 1.91 has a directory traversal vulnerability in the way certain U ...
CVE-2010-4181Directory traversal vulnerability in Yaws 1.89 allows remote attackers ...
CVE-2009-0751Yaws before 1.80 allows remote attackers to cause a denial of service ...
CVE-2005-2008Yaws Webserver 1.55 and earlier allows remote attackers to obtain the ...

Security announcements

DSA / DLADescription
DSA-1740-1yaws - denial of service

Search for package or bug name: Reporting problems