Please see https://docs.readthedocs.io/page/security.html.
Security: readthedocs/readthedocs.org
Security
SECURITY.md
-
Cache poisoning: serving arbitrary content on documentation sitesGHSA-mp38-vprc-7hf5 published
Feb 14, 2023 by ericholscherHigh -
Path traversal: access to files from any projectGHSA-5w8m-r7jm-mhp9 published
Feb 1, 2023 by stsewdHigh -
Symlink following: Arbitrary file access from builder serverGHSA-hqwg-gjqw-h5wg published
Jan 12, 2023 by ericholscherModerate -
Cache poisoningGHSA-7fcx-wwr3-99jv published
Jan 16, 2023 by ericholscherModerate -
Symlink following: Arbitrary file access from builder serverGHSA-368m-86q9-m99w published
Dec 8, 2022 by ericholscherHigh -
XSS: Allow serving of arbitrary HTML files from main domainGHSA-98pf-gfh3-x3mp published
Nov 9, 2022 by ericholscherModerate -
CSRF from `readthedocs.io`/`readthedocs-hosted.com` and domains registered in the platformGHSA-3v5m-qmm9-3c6c published
Jun 15, 2021 by ericholscherHigh -
Open Redirect Issue affecting Read the Docs versions 5.12.3 and 5.13.0GHSA-625x-cj64-6j7h published
Apr 6, 2021 by ericholscherLow -
Open Redirect Issue affecting Read the Docs versions before 3.5.1GHSA-2mw9-4c46-qrcv published
Jun 11, 2019 by davidfischerLow
Learn more about advisories related to readthedocs/readthedocs.org in the GitHub Advisory Database