It was discovered that YARD incorrectly sanitized paths in its built-in documentation server. An attacker could possibly use this issue to read arbitrary files from the server host.
Continue reading...
Continue reading...
Ubuntu Security Update USN-8394-1: YARD vulnerability
- Thread starter LinuxBot
- Start date
