Name | CVE-2018-17567 |
Description | Jekyll through 3.6.2, 3.7.x through 3.7.3, and 3.8.x through 3.8.3 allows attackers to access arbitrary files by specifying a symlink in the "include" key in the "_config.yml" file. |
Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more) |
References | DLA-1541-1 |
NVD severity | medium |
Debian Bugs | 909933 |
The table below lists information on source packages.
The information below is based on the following data on fixed versions.