EPSS
Percentile
65.7%
yard is vulnerable to directory traversal. The vulnerability exists as it is possible to access arbitrary files on the yard server machine through unsanitized HTTP requests.
github.com/lsegal/yard/commit/6d8b9b9c71e45fd1c887545b579399931dc2466e
github.com/lsegal/yard/security/advisories/GHSA-xfhh-rx56-rxcr