https://github.com/lsegal/yard/blob/master/CHANGELOG.md Fix path traversal vulnerability in yard server. This bug would allow unsanitized HTTP requests to access arbitrary files on the machine of a yard server host under certain conditions. Thanks to CuongMX from Viettel Cyber Security for discovering this vulnerability. Fixed in yard 0.9.20.
x86 stable
sparc stable
amd64 stable
alpha stable
ia64 stable
ppc64 stable
ppc stable
hppa stable
arm stable
Vulnerable versions have been removed.
GLSA Vote: No! Repository is clean, all done!