Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2020-12872HistoryMay 15, 2020 - 7:15 p.m.
CVE-2020-12872
2020-05-1519:15:00
Debian Security Bug Tracker
security-tracker.debian.org
9
0.001 Low
EPSS
Percentile
34.8%
yaws_config.erl in Yaws through 2.0.2 and/or 2.0.7 loads obsolete TLS ciphers, as demonstrated by ones that allow Sweet32 attacks, if running on an Erlang/OTP virtual machine with a version less than 21.0.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | erlang | < 1:21.2.6+dfsg-1 | erlang_1:21.2.6+dfsg-1_all.deb |
| Debian | 11 | all | erlang | < 1:21.2.6+dfsg-1 | erlang_1:21.2.6+dfsg-1_all.deb |
| Debian | 10 | all | erlang | < 1:21.2.6+dfsg-1 | erlang_1:21.2.6+dfsg-1_all.deb |
| Debian | 999 | all | erlang | < 1:21.2.6+dfsg-1 | erlang_1:21.2.6+dfsg-1_all.deb |
| Debian | 13 | all | erlang | < 1:21.2.6+dfsg-1 | erlang_1:21.2.6+dfsg-1_all.deb |
Related
osv
osv
CVE-2020-12872
2020-05-15 19:15:12
prion
prion
Design/Logic Flaw
2020-05-15 19:15:00
ubuntucve
ubuntucve
CVE-2020-12872
2020-05-15 00:00:00
cve
cve
CVE-2020-12872
2020-05-15 19:15:00
cvelist
cvelist
CVE-2020-12872
2020-05-15 18:20:07
archlinux
archlinux
[ASA-202009-14] yaws: multiple issues
2020-09-26 00:00:00
openvas
openvas
SSL/TLS: Report Vulnerable Cipher Suites for HTTPS
2016-12-22 00:00:00
kitploit
kitploit