all InfoSec news
USN-6731-1: YARD vulnerabilities
April 15, 2024, 10:27 a.m. |
Ubuntu security notices ubuntu.com
with an initial ../ sequence, which allows attackers to conduct
directory traversal attacks and read arbitrary files. This issue only
affected Ubuntu 16.04 LTS. (CVE-2017-17042)
It was discovered that yard before 0.9.20 is affected by a path
traversal vulnerability, allowing HTTP requests to access arbitrary
files under certain conditions. This issue only affected Ubuntu 18.04
LTS. (CVE-2019-1020001)
Aviv Keller discovered that the "frames.html" file within the Yard
Doc's …
access arbitrary files attackers attacks block cve directory directory traversal files http http requests issue lts path path traversal path traversal vulnerability relative requests ubuntu ubuntu 16.04 usn vulnerabilities vulnerability
More from ubuntu.com / Ubuntu security notices
USN-6759-1: FreeRDP vulnerabilities
1 day, 8 hours ago |
ubuntu.com
USN-6757-1: PHP vulnerabilities
1 day, 11 hours ago |
ubuntu.com
USN-6744-3: Pillow vulnerability
1 day, 12 hours ago |
ubuntu.com
USN-6734-2: libvirt vulnerabilities
1 day, 13 hours ago |
ubuntu.com
USN-6733-2: GnuTLS vulnerabilities
1 day, 13 hours ago |
ubuntu.com
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Senior Security Architect - Northwest region (Remote)
@ GuidePoint Security LLC | Remote
Senior Consultant, Cyber Security Architecture
@ 6point6 | Manchester, United Kingdom
Junior Security Architect
@ IQ-EQ | Port Louis, Mauritius
Senior Detection & Response Engineer
@ Expel | Remote
Cyber Security Systems Engineer ISSE Splunk
@ SAP | Southbank (Melbourne), VIC, AU, 3006