SLES 12 — ruby2.1-rubygem-yard — vulnerability — patch and remediation guide
🟡 Medium ⏱ 10–30 min Last verified: 25 May 2026 Affected versions: SLES 12 📖 ~4 min read • Source: SUSE advisory SUSE-SU-2018:1890-1 (see also SUSE bugzilla) Related CVEs: CVE-2017-17042 Upstream summary: lib/yard/core_ext/file.rb in the server in YARD before 0.9.11 does not block relative paths with an initial ../ sequence, which allows attackers to […]