jekyll 0.5.3
1 security vulnerability
found in version
0.5.3
Jekyll _config.yml privilege escalation
high severity CVE-2018-17567
high severity
CVE-2018-17567
Patched versions:
~> 3.6.3
, ~> 3.7.4
, >= 3.8.4
Jekyll through 3.6.2, 3.7.x through 3.7.3, and 3.8.x through 3.8.3 allows attackers to access arbitrary files by specifying a symlink in the "include" key in the "_config.yml" file.
No officially reported memory leakage issues detected.
This gem version does not have any officially reported memory leaked issues.
Gem version without a license.
Unless a license that specifies otherwise is included, nobody can use, copy, distribute, or modify this library without being at risk of take-downs, shake-downs, or litigation.
This gem version is available.
This gem version has not been yanked and is still available for usage.