RubyGems - jekyll - Versions - 3.0.0.pre.beta2 - Mend

jekyll 3.0.0.pre.beta2

1 security vulnerability found in version 3.0.0.pre.beta2

Jekyll _config.yml privilege escalation

high severity CVE-2018-17567

Patched versions: ~> 3.6.3, ~> 3.7.4, >= 3.8.4

Jekyll through 3.6.2, 3.7.x through 3.7.3, and 3.8.x through 3.8.3 allows attackers to access arbitrary files by specifying a symlink in the "include" key in the "_config.yml" file.

No officially reported memory leakage issues detected.

This gem version does not have any officially reported memory leaked issues.

No license issues detected.

This gem version has a license in the gemspec.

This gem version is available.

This gem version has not been yanked and is still available for usage.