Bug 1519065 (CVE-2017-17042) - CVE-2017-17042 rubygem-yard: (lib/yard/core_ext/file.rb) is vulnerable to directory traversal attacks
Summary: CVE-2017-17042 rubygem-yard: (lib/yard/core_ext/file.rb) is vulnerable to dir...
Keywords:
Status: CLOSED WONTFIX
Alias: CVE-2017-17042
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1519068 1519596
Blocks: 1519074
TreeView+ depends on / blocked
 
Reported: 2017-11-30 02:53 UTC by Sam Fowler
Modified: 2021-02-17 01:11 UTC (History)
19 users (show)

Fixed In Version: rubygem-yard 0.9.12
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-12-01 01:24:21 UTC


Attachments (Terms of Use)

Description Sam Fowler 2017-11-30 02:53:50 UTC
A component of the rubygem-yard library (lib/yard/core_ext/file.rb) that is used by the yard document generation server does not block relative paths with an initial ../ sequence, which allows attackers to conduct directory traversal attacks and read arbitrary files.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-17042
https://bugzilla.novell.com/show_bug.cgi?id=1070263
http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-17042.html
http://www.cvedetails.com/cve/CVE-2017-17042/
https://github.com/lsegal/yard/commit/b0217b3e30dc53d057b1682506333335975e62b4

Comment 1 Sam Fowler 2017-11-30 03:01:17 UTC
Created rubygem-yard tracking bugs for this issue:

Affects: fedora-all [bug 1519068]

Comment 2 Kurt Seifried 2017-12-01 01:21:35 UTC
Created rubygem-yard tracking bugs for this issue:

Affects: openshift-1 [bug 1519596]

Comment 3 Kurt Seifried 2017-12-01 01:23:44 UTC
Statement:

This issue affects the versions of rubygem-yard as shipped with Red Hat Subscription Asset Manager 1.x and Message Routing and Grid 2.x. Red Hat Product Security has rated this issue as having Moderate security impact. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.


Note You need to log in before you can comment on or make changes to this bug.