CVE-2018-17567
CVE-2018-17567 affects Jekyll prior to patched versions: 3.6.2 and earlier 3.7.x before 3.7.3, and 3.8.x before 3.8.3. The vulnerability arises from allowing a symlink in the include key of _config.yml to expose arbitrary files. Impact is exposure of information (confidentiality impact) with no i...