Information on source package yaws

Available versions

ReleaseVersion
jessie1.98-4+deb8u1
stretch2.0.4+dfsg-1
buster2.0.6+dfsg-1
bullseye2.0.6+dfsg-1
sid2.0.6+dfsg-1

Open unimportant issues

BugjessiestretchbusterbullseyesidDescription
CVE-2009-4495vulnerablevulnerablevulnerablevulnerablevulnerableYaws 1.85 writes data to a log file without sanitizing non-printable c ...

Resolved issues

BugDescription
CVE-2017-10974Yaws 1.91 allows Unauthenticated Remote File Disclosure via HTTP Direc ...
CVE-2016-1000108
CVE-2011-5025Multiple cross-site scripting (XSS) vulnerabilities in the wiki applic ...
CVE-2011-4350
CVE-2010-4181Directory traversal vulnerability in Yaws 1.89 allows remote attackers ...
CVE-2009-0751Yaws before 1.80 allows remote attackers to cause a denial of service ...
CVE-2005-2008Yaws Webserver 1.55 and earlier allows remote attackers to obtain the ...

Security announcements

DSA / DLADescription
DSA-1740-1yaws - denial of service
DSA-1740-1yaws - denial of service

Search for package or bug name: Reporting problems