| Package | awstats |
|---|---|
| Version | 7.6+dfsg-2+deb10u4 (buster) |
| Related CVEs | CVE-2025-63261 |
It was discovered that there was a potential command injection vulnerability in
awstats, an analytics tool for web servers and similar services.
For Debian 10 buster, these problems have been fixed in version 7.6+dfsg-2+deb10u4.
We recommend that you upgrade your awstats packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.