Vulnerabilities > Yardoc
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-29 | CVE-2019-1020001 | Path Traversal vulnerability in Yardoc Yard yard before 0.9.20 allows path traversal. | 7.5 |
| 2017-11-28 | CVE-2017-17042 | Path Traversal vulnerability in Yardoc Yard lib/yard/core_ext/file.rb in the server in YARD before 0.9.11 does not block relative paths with an initial ../ sequence, which allows attackers to conduct directory traversal attacks and read arbitrary files. | 7.5 |