Impact
comrak is vulnerable to the upstream cmark issue, "Issue revealed by fuzzer". A large number of references in a markdown document can trigger an overly large response.
Patches
0.17.0 contains 70f97f3, which limits reference output to a 100Kb maximum.
Workarounds
n/a
References
philipturnbull Finder
Impact
comrak is vulnerable to the upstream cmark issue, "Issue revealed by fuzzer". A large number of references in a markdown document can trigger an overly large response.
Patches
0.17.0 contains 70f97f3, which limits reference output to a 100Kb maximum.
Workarounds
n/a
References