CVE-2020-24379

WebDAV implementation in Yaws web server versions 1.81 to 2.0.7 is vulnerable to XXE injection.
Configurations

Configuration 1

cpe:2.3:a:yaws:yaws:*:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

Information

Published : 2020-09-09 07:15

Updated : 2022-12-06 09:18


NVD link : CVE-2020-24379

Mitre link : CVE-2020-24379

Products Affected
No products.
CWE
CWE-611

Improper Restriction of XML External Entity Reference