Search criteria
4 vulnerabilities by yardoc
CVE-2026-41493 (GCVE-0-2026-41493)
Vulnerability from cvelistv5 – Published: 2026-05-08 13:13 – Updated: 2026-05-08 21:27
VLAI
Title
yard: Possible arbitrary path traversal and file access via yard server
Summary
YARD is a Ruby Documentation tool. Prior to version 0.9.42, a path traversal vulnerability was discovered in YARD when using yard server to serve documentation. This bug would allow unsanitized HTTP requests to access arbitrary files on the machine of a yard server host under certain conditions. This issue has been patched in version 0.9.42.
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/lsegal/yard/security/advisorie… | x_refsource_CONFIRM |
| https://github.com/lsegal/yard/releases/tag/v0.9.42 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-41493",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-08T14:15:08.883899Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-08T21:27:41.408Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "yard",
"vendor": "lsegal",
"versions": [
{
"status": "affected",
"version": "\u003c 0.9.42"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "YARD is a Ruby Documentation tool. Prior to version 0.9.42, a path traversal vulnerability was discovered in YARD when using yard server to serve documentation. This bug would allow unsanitized HTTP requests to access arbitrary files on the machine of a yard server host under certain conditions. This issue has been patched in version 0.9.42."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-08T13:13:49.232Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/lsegal/yard/security/advisories/GHSA-3jfp-46x4-xgfj",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/lsegal/yard/security/advisories/GHSA-3jfp-46x4-xgfj"
},
{
"name": "https://github.com/lsegal/yard/releases/tag/v0.9.42",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/lsegal/yard/releases/tag/v0.9.42"
}
],
"source": {
"advisory": "GHSA-3jfp-46x4-xgfj",
"discovery": "UNKNOWN"
},
"title": "yard: Possible arbitrary path traversal and file access via yard server"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-41493",
"datePublished": "2026-05-08T13:13:49.232Z",
"dateReserved": "2026-04-20T16:14:19.008Z",
"dateUpdated": "2026-05-08T21:27:41.408Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-27285 (GCVE-0-2024-27285)
Vulnerability from cvelistv5 – Published: 2024-02-28 19:22 – Updated: 2025-02-13 17:46
VLAI
Title
YARD's default template vulnerable to Cross-site Scripting in generated frames.html
Summary
YARD is a Ruby Documentation tool. The "frames.html" file within the Yard Doc's generated documentation is vulnerable to Cross-Site Scripting (XSS) attacks due to inadequate sanitization of user input within the JavaScript segment of the "frames.erb" template file. This vulnerability is fixed in 0.9.36.
Severity
5.4 (Medium)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://github.com/lsegal/yard/security/advisorie… | x_refsource_CONFIRM |
| https://github.com/lsegal/yard/pull/1538 | x_refsource_MISC |
| https://github.com/lsegal/yard/commit/1fcb2d8b316… | x_refsource_MISC |
| https://github.com/lsegal/yard/commit/2069e2bf082… | x_refsource_MISC |
| https://github.com/rubysec/ruby-advisory-db/blob/… | x_refsource_MISC |
| https://lists.debian.org/debian-lts-announce/2024… | |
| https://lists.fedoraproject.org/archives/list/pac… |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:28:00.247Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/lsegal/yard/security/advisories/GHSA-8mq4-9jjh-9xrc",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/lsegal/yard/security/advisories/GHSA-8mq4-9jjh-9xrc"
},
{
"name": "https://github.com/lsegal/yard/pull/1538",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/lsegal/yard/pull/1538"
},
{
"name": "https://github.com/lsegal/yard/commit/1fcb2d8b316caf8779cfdcf910715e9ab583f0aa",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/lsegal/yard/commit/1fcb2d8b316caf8779cfdcf910715e9ab583f0aa"
},
{
"name": "https://github.com/lsegal/yard/commit/2069e2bf08293bda2fcc78f7d0698af6354054be",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/lsegal/yard/commit/2069e2bf08293bda2fcc78f7d0698af6354054be"
},
{
"name": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/yard/CVE-2024-27285.yml",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/yard/CVE-2024-27285.yml"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00006.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MR3Z2E2UIZZ7YOR7R645EVSBGWMB2RGA/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:yardoc:yard:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "yard",
"vendor": "yardoc",
"versions": [
{
"status": "affected",
"version": "0.9.36"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27285",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-29T20:48:49.252393Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T14:08:36.455Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "yard",
"vendor": "lsegal",
"versions": [
{
"status": "affected",
"version": "\u003c 0.9.36"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "YARD is a Ruby Documentation tool. The \"frames.html\" file within the Yard Doc\u0027s generated documentation is vulnerable to Cross-Site Scripting (XSS) attacks due to inadequate sanitization of user input within the JavaScript segment of the \"frames.erb\" template file. This vulnerability is fixed in 0.9.36."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-21T02:06:28.560Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/lsegal/yard/security/advisories/GHSA-8mq4-9jjh-9xrc",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/lsegal/yard/security/advisories/GHSA-8mq4-9jjh-9xrc"
},
{
"name": "https://github.com/lsegal/yard/pull/1538",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/lsegal/yard/pull/1538"
},
{
"name": "https://github.com/lsegal/yard/commit/1fcb2d8b316caf8779cfdcf910715e9ab583f0aa",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/lsegal/yard/commit/1fcb2d8b316caf8779cfdcf910715e9ab583f0aa"
},
{
"name": "https://github.com/lsegal/yard/commit/2069e2bf08293bda2fcc78f7d0698af6354054be",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/lsegal/yard/commit/2069e2bf08293bda2fcc78f7d0698af6354054be"
},
{
"name": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/yard/CVE-2024-27285.yml",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/yard/CVE-2024-27285.yml"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00006.html"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MR3Z2E2UIZZ7YOR7R645EVSBGWMB2RGA/"
}
],
"source": {
"advisory": "GHSA-8mq4-9jjh-9xrc",
"discovery": "UNKNOWN"
},
"title": "YARD\u0027s default template vulnerable to Cross-site Scripting in generated frames.html"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-27285",
"datePublished": "2024-02-28T19:22:15.026Z",
"dateReserved": "2024-02-22T18:08:38.872Z",
"dateUpdated": "2025-02-13T17:46:21.796Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1020001 (GCVE-0-2019-1020001)
Vulnerability from cvelistv5 – Published: 2019-07-29 00:00 – Updated: 2024-08-05 03:14
VLAI
Summary
yard before 0.9.20 allows path traversal.
Severity
No CVSS data available.
CWE
- path traversal
Assigner
References
2 references
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:14:15.223Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/lsegal/yard/security/advisories/GHSA-xfhh-rx56-rxcr"
},
{
"name": "[debian-lts-announce] 20240306 [SECURITY] [DLA 3753-1] yard security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00006.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "yard",
"vendor": "yard",
"versions": [
{
"status": "affected",
"version": "\u003c 0.9.20"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "yard before 0.9.20 allows path traversal."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "path traversal",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-06T23:05:57.748Z",
"orgId": "7556d962-6fb7-411e-85fa-6cd62f095ba8",
"shortName": "dwf"
},
"references": [
{
"url": "https://github.com/lsegal/yard/security/advisories/GHSA-xfhh-rx56-rxcr"
},
{
"name": "[debian-lts-announce] 20240306 [SECURITY] [DLA 3753-1] yard security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00006.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7556d962-6fb7-411e-85fa-6cd62f095ba8",
"assignerShortName": "dwf",
"cveId": "CVE-2019-1020001",
"datePublished": "2019-07-29T00:00:00.000Z",
"dateReserved": "2019-07-26T00:00:00.000Z",
"dateUpdated": "2024-08-05T03:14:15.223Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17042 (GCVE-0-2017-17042)
Vulnerability from cvelistv5 – Published: 2017-11-28 20:00 – Updated: 2024-09-16 17:18
VLAI
Summary
lib/yard/core_ext/file.rb in the server in YARD before 0.9.11 does not block relative paths with an initial ../ sequence, which allows attackers to conduct directory traversal attacks and read arbitrary files.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/lsegal/yard/commit/b0217b3e30d… | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:43:59.825Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/lsegal/yard/commit/b0217b3e30dc53d057b1682506333335975e62b4"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "lib/yard/core_ext/file.rb in the server in YARD before 0.9.11 does not block relative paths with an initial ../ sequence, which allows attackers to conduct directory traversal attacks and read arbitrary files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-28T20:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/lsegal/yard/commit/b0217b3e30dc53d057b1682506333335975e62b4"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-17042",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "lib/yard/core_ext/file.rb in the server in YARD before 0.9.11 does not block relative paths with an initial ../ sequence, which allows attackers to conduct directory traversal attacks and read arbitrary files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/lsegal/yard/commit/b0217b3e30dc53d057b1682506333335975e62b4",
"refsource": "CONFIRM",
"url": "https://github.com/lsegal/yard/commit/b0217b3e30dc53d057b1682506333335975e62b4"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-17042",
"datePublished": "2017-11-28T20:00:00.000Z",
"dateReserved": "2017-11-28T00:00:00.000Z",
"dateUpdated": "2024-09-16T17:18:23.027Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}