This repository has been archived by the owner on Oct 21, 2022. It is now read-only.
CVE-2018-17567 High Severity Vulnerability detected by WhiteSource #15
Labels
security vulnerability
Security vulnerability detected by WhiteSource
Comments
mend-bolt-for-github
bot
added
the
security vulnerability
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
CVE-2018-17567 - High Severity Vulnerability
Jekyll is a simple, blog aware, static site generator.
path: /gems/2.3.0/cache/jekyll-3.0.1.gem
Library home page: https://rubygems.org/gems/jekyll-3.0.1.gem
Dependency Hierarchy:
Jekyll through 3.6.2, 3.7.x through 3.7.3, and 3.8.x through 3.8.3 allows attackers to access arbitrary files by specifying a symlink in the "include" key in the "_config.yml" file.
Publish Date: 2018-09-28
URL: CVE-2018-17567
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: High
- Integrity Impact: None
- Availability Impact: None
For more information on CVSS3 Scores, click here.Step up your Open Source Security Game with WhiteSource here
The text was updated successfully, but these errors were encountered: