Lucene search
Redhat.comRH:CVE-2017-17042HistoryNov 30, 2017 - 3:19 a.m.
CVE-2017-17042
2017-11-3003:19:33
redhat.com
access.redhat.com
6
0.002 Low
EPSS
Percentile
51.8%
lib/yard/core_ext/file.rb in the server in YARD before 0.9.11 does not block relative paths with an initial …/ sequence, which allows attackers to conduct directory traversal attacks and read arbitrary files.
Related
debiancve
debiancve
CVE-2017-17042
2022-10-03 16:23:20
prion
prion
Directory traversal
2017-11-28 20:29:00
openvas
openvas
Fedora Update for rubygem-yard FEDORA-2017-386e856a4f
2017-12-14 00:00:00
Fedora Update for rubygem-yard FEDORA-2017-ca05b30e86
2017-12-14 00:00:00
Fedora Update for rubygem-yard FEDORA-2017-c6c6e9beae
2017-12-14 00:00:00
cve
cve
CVE-2017-17042
2022-10-03 16:23:20
nessus
nessus
Fedora 26 : rubygem-yard (2017-c6c6e9beae)
2017-12-13 00:00:00
Fedora 25 : rubygem-yard (2017-ca05b30e86)
2017-12-13 00:00:00
openSUSE Security Update : rubygem-yard (openSUSE-2018-707)
2018-07-09 00:00:00
fedora
fedora
[SECURITY] Fedora 26 Update: rubygem-yard-0.9.8-4.fc26
2017-12-12 13:46:39
[SECURITY] Fedora 25 Update: rubygem-yard-0.8.7.6-4.fc25
2017-12-12 14:40:55
[SECURITY] Fedora 27 Update: rubygem-yard-0.9.8-4.fc27
2017-12-12 11:30:35
ubuntucve
ubuntucve
CVE-2017-17042
2017-11-28 00:00:00
github
github
Arbitrary file read vulnerability in yard server
2017-12-21 00:47:25
osv
osv
Arbitrary file read vulnerability in yard server
2017-12-21 00:47:25
CVE-2017-17042
2017-11-28 20:29:00
yard vulnerabilities
2024-04-15 10:27:32
veracode
veracode
Directory Traversal
2017-11-29 01:45:24
nvd
nvd
CVE-2017-17042
2017-11-28 20:29:00
suse
suse
Security update for rubygem-yard (important)
2018-07-07 00:11:14
cvelist
cvelist
CVE-2017-17042
2022-10-03 16:23:20
ubuntu
ubuntu
YARD vulnerabilities
2024-04-15 00:00:00