exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 7

CVE-2017-17042

около 8 лет назад

lib/yard/core_ext/file.rb in the server in YARD before 0.9.11 does not block relative paths with an initial ../ sequence, which allows attackers to conduct directory traversal attacks and read arbitrary files.

CVSS3: 7.5

EPSS: Низкий

CVE-2017-17042

около 8 лет назад

lib/yard/core_ext/file.rb in the server in YARD before 0.9.11 does not block relative paths with an initial ../ sequence, which allows attackers to conduct directory traversal attacks and read arbitrary files.

CVSS3: 7.5

EPSS: Низкий

CVE-2017-17042

около 8 лет назад

lib/yard/core_ext/file.rb in the server in YARD before 0.9.11 does not block relative paths with an initial ../ sequence, which allows attackers to conduct directory traversal attacks and read arbitrary files.

CVSS3: 7.5

EPSS: Низкий

CVE-2017-17042

около 8 лет назад

lib/yard/core_ext/file.rb in the server in YARD before 0.9.11 does not ...

CVSS3: 7.5

EPSS: Низкий

openSUSE-SU-2018:1908-1

больше 7 лет назад

Security update for rubygem-yard

EPSS: Низкий

SUSE-SU-2018:1890-1

больше 7 лет назад

Security update for rubygem-yard

EPSS: Низкий

GHSA-gj4p-3wh3-2rmf

около 8 лет назад

Arbitrary file read vulnerability in yard server

CVSS3: 7.5

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2017-17042 lib/yard/core_ext/file.rb in the server in YARD before 0.9.11 does not block relative paths with an initial ../ sequence, which allows attackers to conduct directory traversal attacks and read arbitrary files.	CVSS3: 7.5	0% Низкий	около 8 лет назад
CVE-2017-17042 lib/yard/core_ext/file.rb in the server in YARD before 0.9.11 does not block relative paths with an initial ../ sequence, which allows attackers to conduct directory traversal attacks and read arbitrary files.	CVSS3: 7.5	0% Низкий	около 8 лет назад
CVE-2017-17042 lib/yard/core_ext/file.rb in the server in YARD before 0.9.11 does not block relative paths with an initial ../ sequence, which allows attackers to conduct directory traversal attacks and read arbitrary files.	CVSS3: 7.5	0% Низкий	около 8 лет назад
CVE-2017-17042 lib/yard/core_ext/file.rb in the server in YARD before 0.9.11 does not ...	CVSS3: 7.5	0% Низкий	около 8 лет назад
openSUSE-SU-2018:1908-1 Security update for rubygem-yard		0% Низкий	больше 7 лет назад
SUSE-SU-2018:1890-1 Security update for rubygem-yard		0% Низкий	больше 7 лет назад
GHSA-gj4p-3wh3-2rmf Arbitrary file read vulnerability in yard server	CVSS3: 7.5	0% Низкий	около 8 лет назад

Уязвимостей на страницу