yaws

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Web server for dynamic content written in Erlang
Version 2.0.7-1 [community]

Open

Group Affected Fixed Severity Status Ticket
AVG-1161 2.0.7-1 Medium Vulnerable
Issue Group Severity Remote Type Description
CVE-2020-12872 AVG-1161 Medium Yes Information disclosure
yaws_config.erl in Yaws through 2.0.7 loads obsolete TLS ciphers, as demonstrated by ones that allow Sweet32 attacks.