Ubuntu Security Update USN-4569-1: Yaws vulnerabilities

Thread starter LinuxBot
Start date Oct 5, 2020

LinuxBot

Member

Oct 5, 2020

It was discovered that Yaws did not properly sanitize XML input. A remote attacker could use this vulnerability to execute an XML External Entity (XXE) injection attack. (CVE-2020-24379) It was discovered that Yaws mishandled certain input when running CGI scripts. A remote attacker could use this vulnerability to execute arbitrary commands. (CVE-2020-24916)

Continue reading...

You must log in or register to reply here.

Facebook X (Twitter) Reddit Pinterest Tumblr WhatsApp Email Link

Members online

Total: 833 (members: 3, guests: 830)

Latest posts

K
Today's article is a very basic one...
- Latest: KGIII
- 23 minutes ago
Command Line
Post a screenshot of your Desktop
- Latest: wildman
- 26 minutes ago
Desktop
E
Why doesn't the dd command produce a bootable clone disk?
- Latest: etcetera
- 50 minutes ago
General Linux Questions
In person help
- Latest: blunix
- Today at 9:22 PM
General Linux Questions
firefox "server not found" problem
- Latest: blunix
- Today at 9:11 PM
Getting Started

Top