pkg:gem/yard
Type
gem
Name
yard
Known advisories, vulnerabilities and fixes for yard package.
- Repository
- https://rubygems.org/gems/yard
High
2
Medium
1
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | < 0.9.11 |
CVE-2017-17042
|
RUBYSEC:YARD-2017-17042 | Potential arbitrary file read vulnerability in yard server | high |
2017-11-28T00:00:00
(6 years ago) |
|
Fixed | >= 0.9.11 |
CVE-2017-17042
|
RUBYSEC:YARD-2017-17042 | Potential arbitrary file read vulnerability in yard server | high |
2017-11-28T00:00:00
(6 years ago) |
|
Affected | < 0.9.20 |
CVE-2019-1020001
|
RUBYSEC:YARD-2019-1020001 | Arbitrary path traversal and file access via `yard server` | high |
2019-07-02T00:00:00
(5 years ago) |
|
Fixed | >= 0.9.20 |
CVE-2019-1020001
|
RUBYSEC:YARD-2019-1020001 | Arbitrary path traversal and file access via `yard server` | high |
2019-07-02T00:00:00
(5 years ago) |
|
Affected | < 0.9.36 |
CVE-2024-27285
|
RUBYSEC:YARD-2024-27285 | YARD's default template vulnerable to Cross-site Scripting in generated frames.html | medium |
2024-02-28T00:00:00
(6 months ago) |
|
Fixed | >= 0.9.36 |
CVE-2024-27285
|
RUBYSEC:YARD-2024-27285 | YARD's default template vulnerable to Cross-site Scripting in generated frames.html | medium |
2024-02-28T00:00:00
(6 months ago) |