CVSS: 10.0EPSS: 39%CPEs: 4EXPL: 4CVE-2020-24916 – Debian Security Advisory 4773-1
https://notcve.org/view.php?id=CVE-2020-24916
08 Sep 2020 — CGI implementation in Yaws web server versions 1.81 to 2.0.7 is vulnerable to OS command injection. la implementación de CGI en el servidor web Yaws. (CVE-2020-24916) Una implementación de CGI en el servidor web Yaws versiones 1.81 hasta 2.0.7, es vulnerable a una inyección de comandos del Sistema Operativo. It was discovered that Yaws did not properly sanitize XML input. A remote attacker could use this vulnerability to execute an XML External Entity injection attack. It was discovered that Yaws mishandled... • https://packetstorm.news/files/id/159106 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 3CVE-2020-24379 – Debian Security Advisory 4773-1
https://notcve.org/view.php?id=CVE-2020-24379
08 Sep 2020 — WebDAV implementation in Yaws web server versions 1.81 to 2.0.7 is vulnerable to XXE injection. Una implementación de WebDAV en el servidor web Yaws versiones 1.81 hasta 2.0.7, es vulnerable a una inyección de tipo XXE. It was discovered that Yaws did not properly sanitize XML input. A remote attacker could use this vulnerability to execute an XML External Entity injection attack. It was discovered that Yaws mishandled certain input when running CGI scripts. • https://packetstorm.news/files/id/159106 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2020-12872
https://notcve.org/view.php?id=CVE-2020-12872
15 May 2020 — yaws_config.erl in Yaws through 2.0.2 and/or 2.0.7 loads obsolete TLS ciphers, as demonstrated by ones that allow Sweet32 attacks, if running on an Erlang/OTP virtual machine with a version less than 21.0. El archivo yaws_config.erl en Yaws versiones hasta 2.0.2 y/o 2.0.7, carga cifrados TLS obsoletos, como es demostrado por los que permiten ataques de tipo Sweet32, si se ejecuta en una máquina virtual Erlang/OTP con una versión inferior a 21.0 • https://github.com/erlyaws/yaws/blob/c0fd79f17d52628fcec527da7fa3e788c283c445/src/yaws_config.erl#L2068-L2075 • CWE-326: Inadequate Encryption Strength •
CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0CVE-2016-1000108
https://notcve.org/view.php?id=CVE-2016-1000108
10 Dec 2019 — yaws before 2.0.4 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect a CGI application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. yaws versiones anteriores a la versión 2.0.4, no intenta abordar los conflictos de espacio de nombres ... • http://www.openwall.com/lists/oss-security/2016/07/18/6 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 6.5EPSS: 25%CPEs: 4EXPL: 2CVE-2011-4350 – Yaws Web Server Directory Traversal
https://notcve.org/view.php?id=CVE-2011-4350
26 Nov 2019 — Yaws 1.91 has a directory traversal vulnerability in the way certain URLs are processed. A remote authenticated user could use this flaw to obtain content of arbitrary local files via specially-crafted URL request. Yaws versión 1.91, presenta una vulnerabilidad de salto de directorio en la manera en que ciertas URL son procesadas. Un usuario autenticado remoto podría usar este fallo para obtener contenido de archivos locales arbitrarios mediante una petición de URL especialmente diseñada. • https://packetstorm.news/files/id/181020 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 91%CPEs: 1EXPL: 2CVE-2017-10974 – Yaws 1.91 - Remote File Disclosure
https://notcve.org/view.php?id=CVE-2017-10974
07 Jul 2017 — Yaws 1.91 allows Unauthenticated Remote File Disclosure via HTTP Directory Traversal with /%5C../ to port 8080. NOTE: this CVE is only about use of an initial /%5C sequence to defeat traversal protection mechanisms; the initial /%5C sequence was apparently not discussed in earlier research on this product. Yaws 1.91 permite la divulgación remota de archivos sin autenticarse mediante un salto de directorio HTTP con /%5C../ en el puerto 8080. NOTA: Este CVE solo trata el uso de una secuencia /%5C inicial para... • https://www.exploit-db.com/exploits/42303 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 2CVE-2011-5025 – Yaws-Wiki 1.88-1 (Erlang) - Persistent / Reflective Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2011-5025
29 Dec 2011 — Multiple cross-site scripting (XSS) vulnerabilities in the wiki application in Yaws 1.88 allow remote attackers to inject arbitrary web script or HTML via (1) the tag parameter to editTag.yaws, (2) the index parameter to showOldPage.yaws, (3) the node parameter to allRefsToMe.yaws, or (4) the text parameter to editPage.yaws. Varias vulnerabilidades de ejecución de comandos en sitios cruzados (XSS) en la aplicación de wiki en Yaws v1.88 permite a atacantes remotos inyectar secuencias de comandos web o HTML a... • https://www.exploit-db.com/exploits/17111 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 8%CPEs: 1EXPL: 2CVE-2010-4181 – Yaws 1.89 - Directory Traversal
https://notcve.org/view.php?id=CVE-2010-4181
04 Nov 2010 — Directory traversal vulnerability in Yaws 1.89 allows remote attackers to read arbitrary files via ..\ (dot dot backslash) and other sequences. Vulnerabilidad de salto de directorio en Yaws v1.89, permite a atacantes remotos leer ficheros arbitrarios mediante ..\ (punto punto barra) y otras secuencias. • https://www.exploit-db.com/exploits/15371 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 3%CPEs: 1EXPL: 3CVE-2009-4495 – Yaws 1.55 - 'Logs' Terminal Escape Sequence Command Injection
https://notcve.org/view.php?id=CVE-2009-4495
13 Jan 2010 — Yaws 1.85 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator. Yaws v1.85, escribe datos en un archivo de los sin depurar los caracteres no escribibles, lo que podría permitir a atacantes remotos modificar la ventana de título, o posiblemente ejecutar comandos de su elección o sobrescribir archiv... • https://www.exploit-db.com/exploits/33502 • CWE-20: Improper Input Validation •