CVE-2017-17042

EPSS 2.89% · P85 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2017-17042

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

lib/yard/core_ext/file.rb in the server in YARD before 0.9.11 does not block relative paths with an initial ../ sequence, which allows attackers to conduct directory traversal attacks and read arbitrary files.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

YARD 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

YARD是一款Ruby编程语言的文档生成工具。该工具能够生成多种格式的文档。 YARD 0.9.11之前版本中的服务器的lib/yard/core_ext/file.rb文件存在安全漏洞，该漏洞源于程序没有阻止以‘../’序列开头的相关路径。攻击者可利用该漏洞读取任意文件。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2017-17042

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2017-17042

请登录查看更多情报信息。

Patches & Fixes for CVE-2017-17042 (1)

https://github.com/lsegal/yard/commit/b0217b3e30dc53d057b1682506333335975e62b4x_refsource_CONFIRM

https://nvd.nist.gov/vuln/detail/CVE-2017-17042

Same Patch Batch · n/a · 2017-11-28 · 15 CVEs total

CVE-2017-17044		Xen 安全漏洞
CVE-2017-17045		Xen 安全漏洞
CVE-2017-17046		Xen on ARM 安全漏洞
CVE-2017-17043		WordPress Emag Marketplace Connector插件跨站脚本漏洞
CVE-2017-15673		CS-Cart administration section 安全漏洞
CVE-2017-16951		Nullsoft Winamp Pro 安全漏洞
CVE-2017-16952		KMPlayer 安全漏洞
CVE-2016-10702		Pebble Smartwatch设备安全漏洞
CVE-2017-14379		EMC RSA Authentication Manager 跨站脚本漏洞
CVE-2017-14389		Pivotal CF capi-release、cf-release和cf-deployment 安全漏洞
CVE-2017-8001		EMC ScaleIO for Linux 安全漏洞
CVE-2017-8019		EMC ScaleIO MDM、SDS和LIA 安全漏洞
CVE-2017-8020		EMC ScaleIO 缓冲区错误漏洞
CVE-2016-10701		Hitachi Vantara Pentaho Business Analytics Platform 跨站请求伪造漏洞

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2017-17042

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2017-17042

I. Basic Information for CVE-2017-17042

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2017-17042

III. Intelligence Information for CVE-2017-17042

Patches & Fixes for CVE-2017-17042 (1)

Same Patch Batch · n/a · 2017-11-28 · 15 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2017-17042

Leave a comment