Unrated severityNVD Advisory· Published May 15, 2020· Updated Aug 4, 2024
CVE-2020-12872
CVE-2020-12872
Description
yaws_config.erl in Yaws through 2.0.2 and/or 2.0.7 loads obsolete TLS ciphers, as demonstrated by ones that allow Sweet32 attacks, if running on an Erlang/OTP virtual machine with a version less than 21.0.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Yaws/Yawsdescription
Patches
Vulnerability mechanics
References
5- github.com/erlyaws/yaws/blob/c0fd79f17d52628fcec527da7fa3e788c283c445/src/yaws_config.erlmitrex_refsource_MISC
- github.com/erlyaws/yaws/issues/402mitrex_refsource_MISC
- github.com/erlyaws/yaws/releasesmitrex_refsource_MISC
- medium.com/%40charlielabs101/cve-2020-12872-df315411aa70mitrex_refsource_MISC
- sweet32.infomitrex_refsource_MISC
News mentions
0No linked articles in our index yet.