Skip to main content

Yard

4 CVEs product

Monthly

CVE-2026-49342 Ruby MEDIUM POC PATCH GHSA This Month

Path traversal in the YARD Ruby documentation server (prior to 0.9.44) allows unauthenticated remote attackers to read arbitrary `.html` files from directories outside the configured document root by supplying crafted `../`-containing request paths such as `/../yard-cache-secret.html`. The flaw exists because the static cache lookup in `StaticCaching#check_static_cache` constructs a filesystem path from the raw `request.path` before the router's own path-sanitization logic runs, enabling traversal to sibling directories. No active exploitation has been identified (not in CISA KEV) and no public POC exists at time of analysis; the vendor-released fix is version 0.9.44.

Path Traversal Yard
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.3%
CVE-2024-27285 Ruby MEDIUM POC PATCH This Month

YARD is a Ruby Documentation tool. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Yard Fedora Debian Linux
NVD GitHub
CVSS 3.1
6.1
EPSS
1.1%
CVE-2019-1020001 Ruby HIGH PATCH This Week

yard before 0.9.20 allows path traversal. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Yard
NVD GitHub
CVSS 3.0
7.5
EPSS
2.3%
CVE-2017-17042 Ruby HIGH PATCH This Week

lib/yard/core_ext/file.rb in the server in YARD before 0.9.11 does not block relative paths with an initial ../ sequence, which allows attackers to conduct directory traversal attacks and read. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Yard
NVD GitHub
CVSS 3.0
7.5
EPSS
0.4%
EPSS 0% CVSS 5.3
MEDIUM POC PATCH This Month

Path traversal in the YARD Ruby documentation server (prior to 0.9.44) allows unauthenticated remote attackers to read arbitrary `.html` files from directories outside the configured document root by supplying crafted `../`-containing request paths such as `/../yard-cache-secret.html`. The flaw exists because the static cache lookup in `StaticCaching#check_static_cache` constructs a filesystem path from the raw `request.path` before the router's own path-sanitization logic runs, enabling traversal to sibling directories. No active exploitation has been identified (not in CISA KEV) and no public POC exists at time of analysis; the vendor-released fix is version 0.9.44.

Path Traversal Yard
NVD GitHub VulDB
EPSS 1% CVSS 6.1
MEDIUM POC PATCH This Month

YARD is a Ruby Documentation tool. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Yard Fedora +1
NVD GitHub
EPSS 2% CVSS 7.5
HIGH PATCH This Week

yard before 0.9.20 allows path traversal. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Yard
NVD GitHub
EPSS 0% CVSS 7.5
HIGH PATCH This Week

lib/yard/core_ext/file.rb in the server in YARD before 0.9.11 does not block relative paths with an initial ../ sequence, which allows attackers to conduct directory traversal attacks and read. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Yard
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy