CVE-2024-27285 : YARD is a Ruby Documentation tool. The "frames.html" file within the Yard Doc's

YARD is a Ruby Documentation tool. The "frames.html" file within the Yard Doc's generated documentation is vulnerable to Cross-Site Scripting (XSS) attacks due to inadequate sanitization of user input within the JavaScript segment of the "frames.erb" template file. This vulnerability is fixed in 0.9.36.

Published 2024-02-28 20:15:42

Updated 2025-02-14 15:31:24

Source GitHub, Inc.

View at NVD, CVE.org

Vulnerability category: Cross site scripting (XSS)

Products affected by CVE-2024-27285

Debian » Debian Linux » Version: 10.0
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
Matching versions
Fedoraproject » Fedora » Version: 38
cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*
Matching versions
Yardoc » Yard
Versions before (<) 0.9.36
cpe:2.3:a:yardoc:yard:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2024-27285

EPSS FAQ

1.76%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 82 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2024-27285

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
6.1	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	2.8	2.7	NIST	2025-02-14
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: Required Scope: Changed Confidentiality: Low Integrity: Low Availability: None
5.4	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N	2.8	2.5	GitHub, Inc.	2024-02-28
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: Required Scope: Unchanged Confidentiality: Low Integrity: Low Availability: None

CWE ids for CVE-2024-27285

CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
Assigned by:
- nvd@nist.gov (Primary)
- security-advisories@github.com (Secondary)

References for CVE-2024-27285

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MR3Z2E2UIZZ7YOR7R645EVSBGWMB2RGA/

[SECURITY] Fedora 38 Update: rubygem-yard-0.9.36-1.fc38 - package-announce - Fedora Mailing-Lists
Mailing List
https://lists.debian.org/debian-lts-announce/2024/03/msg00006.html

[SECURITY] [DLA 3753-1] yard security update
Mailing List

CVEs referencing this url
https://github.com/lsegal/yard/commit/1fcb2d8b316caf8779cfdcf910715e9ab583f0aa

Merge pull request #1538 from RedYetiDev/patch-2 · lsegal/yard@1fcb2d8 · GitHub
Patch
https://github.com/lsegal/yard/commit/2069e2bf08293bda2fcc78f7d0698af6354054be

Merge pull request from GHSA-8mq4-9jjh-9xrc · lsegal/yard@2069e2b · GitHub
Patch
https://github.com/lsegal/yard/pull/1538

Update frames.erb for better XSS check by RedYetiDev · Pull Request #1538 · lsegal/yard · GitHub
Issue Tracking;Patch
https://github.com/rubysec/ruby-advisory-db/blob/master/gems/yard/CVE-2024-27285.yml

ruby-advisory-db/gems/yard/CVE-2024-27285.yml at master · rubysec/ruby-advisory-db · GitHub
Exploit;Third Party Advisory
https://github.com/lsegal/yard/security/advisories/GHSA-8mq4-9jjh-9xrc

[v0.9.34] XSS in generated frames.html of default YARD template · Advisory · lsegal/yard · GitHub
Exploit;Vendor Advisory

Jump to

Vulnerability Details : CVE-2024-27285

Products affected by CVE-2024-27285

Exploit prediction scoring system (EPSS) score for CVE-2024-27285

CVSS scores for CVE-2024-27285

CWE ids for CVE-2024-27285

References for CVE-2024-27285