Closed
Description
A vulnerability has been found which allows attackers to gain read access to arbitrary files on the system. Please update to the gollum 4.0.1 (gem update gollum) ASAP.
The issue has been addressed in ce68a88.
Thanks to the JPCERT team for reporting the issue (JVN#27548431). A CVE has been requested.
Metadata
Assignees
Labels
No labels