Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2017-17042

lib/yard/core_ext/file.rb in the server in YARD before 0.9.11 does not block relative paths with an initial ../ sequence, which allows attackers to conduct directory traversal attacks and read arbitrary files.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 58.6%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
Products affected by CVE-2017-17042
  • Yardoc » Yard » Version: N/A
    cpe:2.3:a:yardoc:yard:-
  • Yardoc » Yard » Version: 0.1a
    cpe:2.3:a:yardoc:yard:0.1a
  • Yardoc » Yard » Version: 0.2.1
    cpe:2.3:a:yardoc:yard:0.2.1
  • Yardoc » Yard » Version: 0.2.2
    cpe:2.3:a:yardoc:yard:0.2.2
  • Yardoc » Yard » Version: 0.2.3
    cpe:2.3:a:yardoc:yard:0.2.3
  • Yardoc » Yard » Version: 0.2.3.1
    cpe:2.3:a:yardoc:yard:0.2.3.1
  • Yardoc » Yard » Version: 0.2.3.2
    cpe:2.3:a:yardoc:yard:0.2.3.2
  • Yardoc » Yard » Version: 0.2.3.3
    cpe:2.3:a:yardoc:yard:0.2.3.3
  • Yardoc » Yard » Version: 0.2.3.4
    cpe:2.3:a:yardoc:yard:0.2.3.4
  • Yardoc » Yard » Version: 0.2.3.5
    cpe:2.3:a:yardoc:yard:0.2.3.5
  • Yardoc » Yard » Version: 0.4.0
    cpe:2.3:a:yardoc:yard:0.4.0
  • Yardoc » Yard » Version: 0.5.0
    cpe:2.3:a:yardoc:yard:0.5.0
  • Yardoc » Yard » Version: 0.5.1
    cpe:2.3:a:yardoc:yard:0.5.1
  • Yardoc » Yard » Version: 0.5.2
    cpe:2.3:a:yardoc:yard:0.5.2
  • Yardoc » Yard » Version: 0.5.3
    cpe:2.3:a:yardoc:yard:0.5.3
  • Yardoc » Yard » Version: 0.5.4
    cpe:2.3:a:yardoc:yard:0.5.4
  • Yardoc » Yard » Version: 0.5.5
    cpe:2.3:a:yardoc:yard:0.5.5
  • Yardoc » Yard » Version: 0.5.6
    cpe:2.3:a:yardoc:yard:0.5.6
  • Yardoc » Yard » Version: 0.5.7
    cpe:2.3:a:yardoc:yard:0.5.7
  • Yardoc » Yard » Version: 0.5.8
    cpe:2.3:a:yardoc:yard:0.5.8
  • Yardoc » Yard » Version: 0.6.0
    cpe:2.3:a:yardoc:yard:0.6.0
  • Yardoc » Yard » Version: 0.6.1
    cpe:2.3:a:yardoc:yard:0.6.1
  • Yardoc » Yard » Version: 0.6.2
    cpe:2.3:a:yardoc:yard:0.6.2
  • Yardoc » Yard » Version: 0.6.3
    cpe:2.3:a:yardoc:yard:0.6.3
  • Yardoc » Yard » Version: 0.6.4
    cpe:2.3:a:yardoc:yard:0.6.4
  • Yardoc » Yard » Version: 0.6.5
    cpe:2.3:a:yardoc:yard:0.6.5
  • Yardoc » Yard » Version: 0.6.6
    cpe:2.3:a:yardoc:yard:0.6.6
  • Yardoc » Yard » Version: 0.6.7
    cpe:2.3:a:yardoc:yard:0.6.7
  • Yardoc » Yard » Version: 0.6.8
    cpe:2.3:a:yardoc:yard:0.6.8
  • Yardoc » Yard » Version: 0.7.0
    cpe:2.3:a:yardoc:yard:0.7.0
  • Yardoc » Yard » Version: 0.7.1
    cpe:2.3:a:yardoc:yard:0.7.1
  • Yardoc » Yard » Version: 0.7.2
    cpe:2.3:a:yardoc:yard:0.7.2
  • Yardoc » Yard » Version: 0.7.3
    cpe:2.3:a:yardoc:yard:0.7.3
  • Yardoc » Yard » Version: 0.7.4
    cpe:2.3:a:yardoc:yard:0.7.4
  • Yardoc » Yard » Version: 0.7.5
    cpe:2.3:a:yardoc:yard:0.7.5
  • Yardoc » Yard » Version: 0.8.0
    cpe:2.3:a:yardoc:yard:0.8.0
  • Yardoc » Yard » Version: 0.8.1
    cpe:2.3:a:yardoc:yard:0.8.1
  • Yardoc » Yard » Version: 0.8.2
    cpe:2.3:a:yardoc:yard:0.8.2
  • Yardoc » Yard » Version: 0.8.2.1
    cpe:2.3:a:yardoc:yard:0.8.2.1
  • Yardoc » Yard » Version: 0.8.3
    cpe:2.3:a:yardoc:yard:0.8.3
  • Yardoc » Yard » Version: 0.8.4
    cpe:2.3:a:yardoc:yard:0.8.4
  • Yardoc » Yard » Version: 0.8.4.1
    cpe:2.3:a:yardoc:yard:0.8.4.1
  • Yardoc » Yard » Version: 0.8.5
    cpe:2.3:a:yardoc:yard:0.8.5
  • Yardoc » Yard » Version: 0.8.5.1
    cpe:2.3:a:yardoc:yard:0.8.5.1
  • Yardoc » Yard » Version: 0.8.5.2
    cpe:2.3:a:yardoc:yard:0.8.5.2
  • Yardoc » Yard » Version: 0.8.6
    cpe:2.3:a:yardoc:yard:0.8.6
  • Yardoc » Yard » Version: 0.8.6.1
    cpe:2.3:a:yardoc:yard:0.8.6.1
  • Yardoc » Yard » Version: 0.8.6.2
    cpe:2.3:a:yardoc:yard:0.8.6.2
  • Yardoc » Yard » Version: 0.8.7
    cpe:2.3:a:yardoc:yard:0.8.7
  • Yardoc » Yard » Version: 0.8.7.1
    cpe:2.3:a:yardoc:yard:0.8.7.1
  • Yardoc » Yard » Version: 0.8.7.2
    cpe:2.3:a:yardoc:yard:0.8.7.2
  • Yardoc » Yard » Version: 0.8.7.3
    cpe:2.3:a:yardoc:yard:0.8.7.3
  • Yardoc » Yard » Version: 0.8.7.4
    cpe:2.3:a:yardoc:yard:0.8.7.4
  • Yardoc » Yard » Version: 0.8.7.5
    cpe:2.3:a:yardoc:yard:0.8.7.5
  • Yardoc » Yard » Version: 0.8.7.6
    cpe:2.3:a:yardoc:yard:0.8.7.6
  • Yardoc » Yard » Version: 0.9.0
    cpe:2.3:a:yardoc:yard:0.9.0
  • Yardoc » Yard » Version: 0.9.1
    cpe:2.3:a:yardoc:yard:0.9.1
  • Yardoc » Yard » Version: 0.9.10
    cpe:2.3:a:yardoc:yard:0.9.10
  • Yardoc » Yard » Version: 0.9.2
    cpe:2.3:a:yardoc:yard:0.9.2
  • Yardoc » Yard » Version: 0.9.3
    cpe:2.3:a:yardoc:yard:0.9.3
  • Yardoc » Yard » Version: 0.9.4
    cpe:2.3:a:yardoc:yard:0.9.4
  • Yardoc » Yard » Version: 0.9.5
    cpe:2.3:a:yardoc:yard:0.9.5
  • Yardoc » Yard » Version: 0.9.6
    cpe:2.3:a:yardoc:yard:0.9.6
  • Yardoc » Yard » Version: 0.9.7
    cpe:2.3:a:yardoc:yard:0.9.7
  • Yardoc » Yard » Version: 0.9.8
    cpe:2.3:a:yardoc:yard:0.9.8
  • Yardoc » Yard » Version: 0.9.9
    cpe:2.3:a:yardoc:yard:0.9.9


Products
Pricing
Contact Us

Shodan ® - All rights reserved