Lucene search
K

10 matches found

Tenable Nessus
Tenable Nessus
added 2018/07/09 12:0 a.m.25 views

openSUSE Security Update : rubygem-yard (openSUSE-2018-707)

This update for rubygem-yard fixes the following issues : - CVE-2017-17042: The server in YARD did not block relative paths with an initial ../ sequence, which allowed attackers to conduct directory traversal attacks and read arbitrary files bsc1070263. This update was imported from the...

7.5CVSS6.6AI score0.02894EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2018/07/07 12:0 a.m.19 views

openSUSE: Security Advisory for rubygem-yard (openSUSE-SU-2018:1908-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS6.5AI score0.02894EPSS
Exploits0References2
OSV
OSV
added 2018/07/05 3:28 p.m.3 views

SUSE-SU-2018:1890-1 Security update for rubygem-yard

This update for rubygem-yard fixes the following issues: - CVE-2017-17042: The server in YARD did not block relative paths with an initial ../ sequence, which allowed attackers to conduct directory traversal attacks and read arbitrary files bsc1070263...

7.5CVSS7.4AI score0.02894EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2018/01/15 12:0 a.m.14 views

Fedora 27 : rubygem-yard (2017-386e856a4f)

Fix to directory traversal attacks CVE-2017-17042. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

7.5CVSS6.4AI score0.02894EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2017/12/14 12:0 a.m.23 views

Fedora Update for rubygem-yard FEDORA-2017-386e856a4f

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.02894EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2017/12/14 12:0 a.m.27 views

Fedora Update for rubygem-yard FEDORA-2017-c6c6e9beae

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.02894EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2017/11/30 3:19 a.m.16 views

CVE-2017-17042

lib/yard/coreext/file.rb in the server in YARD before 0.9.11 does not block relative paths with an initial ../ sequence, which allows attackers to conduct directory traversal attacks and read arbitrary files...

7.5CVSS5AI score0.02894EPSS
Exploits0References1
NVD
NVD
added 2017/11/28 8:29 p.m.10 views

CVE-2017-17042

lib/yard/coreext/file.rb in the server in YARD before 0.9.11 does not block relative paths with an initial ../ sequence, which allows attackers to conduct directory traversal attacks and read arbitrary files...

7.5CVSS6.3AI score0.02894EPSS
Exploits0References1
OSV
OSV
added 2017/11/28 8:29 p.m.2 views

DEBIAN-CVE-2017-17042

lib/yard/coreext/file.rb in the server in YARD before 0.9.11 does not block relative paths with an initial ../ sequence, which allows attackers to conduct directory traversal attacks and read arbitrary files...

7.5CVSS6.9AI score0.02894EPSS
Exploits0References1
CVE
CVE
added 2017/11/28 8:0 p.m.95 views

CVE-2017-17042

CVE-2017-17042 affects the YARD project: the server in YARD before 0.9.11 does not block relative paths starting with ../ in lib/yard/core_ext/file.rb, enabling directory traversal and potential reading of arbitrary files. Affected platforms are evidenced by multiple advisories (Fedora, openSUSE,...

7.5CVSS6.1AI score0.02894EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder