It was discovered that yaws, a high performance HTTP 1.1 webserver, is prone to a denial of service attack via a request with a large HTTP header.