A flaw was found in rubygem-kramdown in versions prior to 2.3.0. The template option allows unintended read access or embedded Ruby code execution which is enabled in Kramdown by default. The highest threat from this vulnerability is to data confidentiality and integrity.