RubySec

Providing security resources for the Ruby community

CVE-2017-17042 (yard): Potential arbitrary file read vulnerability in yard server

ADVISORIES

GEM

yard

SEVERITY

CVSS v3: 7.5 (High)

CVSS v2: 5.0 (Medium)

PATCHED VERSIONS

  • >= 0.9.11

DESCRIPTION

lib/yard/core_ext/file.rb in the server in YARD before 0.9.11 does not block relative paths with an initial ../ sequence, which allows attackers to conduct directory traversal attacks and read arbitrary files.