Skip to content

Commit 4e64ff0

Browse files
jasnowRubySec CI
jasnow
authored and
RubySec CI
committed
Updated advisory posts against rubysec/ruby-advisory-db@2f8c90b 
1 parent 2eae904 commit 4e64ff0

1 file changed

Lines changed: 2 additions & 1 deletion

File tree

advisories/_posts/2026-04-17-CVE-2026-41493.md

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -9,7 +9,7 @@ advisory:
99
gem: yard
1010
cve: 2026-41493
1111
ghsa: 3jfp-46x4-xgfj
12-
url: https://github.com/lsegal/yard/security/advisories/GHSA-3jfp-46x4-xgfj
12+
url: https://nvd.nist.gov/vuln/detail/CVE-2026-41493
1313
title: Possible arbitrary path traversal and file access via yard server
1414
date: 2026-04-17
1515
description: |-
@@ -44,6 +44,7 @@ advisory:
4444
url:
4545
- https://nvd.nist.gov/vuln/detail/CVE-2026-41493
4646
- https://github.com/lsegal/yard/releases/tag/v0.9.42
47+
- https://my.diffend.io/gems/yard/0.9.41/0.9.42
4748
- https://github.com/lsegal/yard/security/advisories/GHSA-3jfp-46x4-xgfj
4849
- https://github.com/lsegal/yard/security/advisories/GHSA-xfhh-rx56-rxcr
4950
- https://github.com/advisories/GHSA-3jfp-46x4-xgfj

0 commit comments

Comments
 (0)