AVG-1161 log

Package yaws
Status Vulnerable
Severity Medium
Type information disclosure
Affected 2.0.7-2
Fixed Unknown
Current 2.0.7-2 [community]
Ticket Create
Created Sat May 16 18:59:48 2020
Issue Severity Remote Type Description
CVE-2020-12872 Medium Yes Information disclosure
yaws_config.erl in Yaws through 2.0.7 loads obsolete TLS ciphers, as demonstrated by ones that allow Sweet32 attacks.