pkg:Debian/yaws
共 12 筆 CVECRITICAL4HIGH1MEDIUM2
✅ 檢查你的版本
所有已知漏洞
- CRITICAL9.8CVE-2020-24916CGI implementation in Yaws web server versions 1.81 to 2.0.7 is vulnerable to OS command injection.from 0, < 2.0.8+dfsg-1
- from 0, < 2.0.8+dfsg-1
- from 0, < 2.0.6+dfsg-1+deb10u1
- from 0, < 2.0.4+dfsg-1+deb9u1
- HIGH7.5CVE-2017-10974Yaws 1.91 allows Unauthenticated Remote File Disclosure via HTTP Directory Traversal with /%5C../ to port 8080.from 0, < 1.91-2
- MEDIUM6.5CVE-2011-4350Yaws 1.91 has a directory traversal vulnerability in the way certain URLs are processed.from 0, < 1.91-2
- MEDIUM6.1CVE-2016-1000108yaws before 2.0.4 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications f…from 0, < 2.0.3-2
- —CVE-2011-5025Multiple cross-site scripting (XSS) vulnerabilities in the wiki application in Yaws 1.88 allow remote attackers to inject arbitrary web scr…from 0, < 1.92-1
- —CVE-2009-4495Yaws 1.85 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's ti…from 0
- from 0, < 1.65-4etch1
- from 0, < 1.80-1
- —CVE-2005-2008Yaws Webserver 1.55 and earlier allows remote attackers to obtain the source code for yaws scripts via a request to a yaw script with a tra…from 0, < 1.56-1