Directory Traversal

Affecting yard gem, versions < 0.9.11

high severity

Overview

yard is a documentation generation tool for the Ruby programming language.

Affected versions of this package are vulnerable to Directory Traversal.

lib/yard/core_ext/file.rb in the server in YARD before 0.9.11 does not block relative paths with an initial ../ sequence, which allows attackers to conduct directory traversal attacks and read arbitrary files.
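The following Ruby snippet is an added illustration of the check class the advisory describes; it is not YARD's code and does not reproduce the fixed or vulnerable routine in lib/yard/core_ext/file.rb. The document root, the `naive_blocked?` and `resolve_under_root` names, and the sample request paths are all constructed for the example. It contrasts a substring check that only catches an embedded `/../` (and so misses a request beginning with `../`) with a resolution that canonicalises the joined path and then requires it to remain under the configured root.

```ruby
# Constructed example: the document root a hypothetical static file server
# is allowed to serve from.
DOC_ROOT = "/srv/docs"

# Naive filter that only rejects an embedded "/../" segment. A request that
# begins with "../" passes it, which is the gap the advisory describes.
# (Illustration only; this is not YARD's actual code.)
def naive_blocked?(relative)
  relative.include?("/../")
end

# Hardened resolution: join the request onto the root, normalise it with
# File.expand_path (which collapses "." and ".." lexically without touching
# the filesystem), then require the result to be the root itself or to sit
# below "<root>/". Returns the absolute path, or nil when the request must
# be refused.
def resolve_under_root(root, relative)
  # File.expand_path treats a leading "~" as a home-directory reference,
  # which would escape the root by a different route; refuse it up front.
  return nil if relative.start_with?("~")

  root = File.expand_path(root)
  candidate = File.expand_path(relative, root)
  inside = candidate == root || candidate.start_with?(root + File::SEPARATOR)
  inside ? candidate : nil
rescue ArgumentError
  # Raised for inputs such as strings containing a NUL byte.
  nil
end

if __FILE__ == $0
  ["index.html", "sub/../index.html", "../etc/passwd", "/etc/passwd"].each do |req|
    puts format("%-20s naive_blocked?=%-5s resolved=%s",
                req, naive_blocked?(req), resolve_under_root(DOC_ROOT, req).inspect)
  end
end
```

Note that `resolve_under_root` also refuses absolute requests (`File.expand_path` ignores the root argument for them) and paths that merely share a prefix with the root, such as `/srv/docs-private`, because the comparison includes the trailing separator. It does not resolve symlinks; a server that follows them inside the root needs an additional `File.realpath` check against the same root.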

References


Credit
Unknown
CVE
CVE-2017-17042
Snyk ID
SNYK-RUBY-YARD-22004
Disclosed
23 Nov, 2017
Published
25 Dec, 2017