CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в yard

YARD is a Ruby documentation tool. The “frames.html” file within the generated documentation by YARD is vulnerable to Cross-Site Scripting XSS attacks due to inadequate sanitization of user input within the JavaScript segment of the “frames.erb” template file. This vulnerability has been fixed in...

6.1CVSS6.6AI score0.03316EPSS

Exploits1References1

Tenable Nessus•added 2026/05/09 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2026-41493

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - YARD is a Ruby Documentation tool. Prior to version 0.9.42, a path traversal vulnerability was discovered in YARD when using yard server to serve documentation...

7.5CVSS6AI score0.00091EPSS

Exploits0References3

OSV•added 2026/05/08 2:16 p.m.•4 views

DEBIAN-CVE-2026-41493

YARD is a Ruby Documentation tool. Prior to version 0.9.42, a path traversal vulnerability was discovered in YARD when using yard server to serve documentation. This bug would allow unsanitized HTTP requests to access arbitrary files on the machine of a yard server host under certain conditions...

7.5CVSS5.9AI score0.00091EPSS

Exploits0References1

UbuntuCve•added 2024/02/29 12:0 a.m.•20 views

CVE-2024-27285

YARD is a Ruby Documentation tool. The "frames.html" file within the Yard Doc's generated documentation is vulnerable to Cross-Site Scripting XSS attacks due to inadequate sanitization of user input within the JavaScript segment of the "frames.erb" template file. This vulnerability is fixed in...

6.1CVSS6.8AI score0.03316EPSS

Exploits1References8

OSV•added 2024/02/29 12:0 a.m.•0 views

UBUNTU-CVE-2024-27285

6.1CVSS7.1AI score0.03316EPSS

Exploits1References9