Closed charles-plessy closed 5 months ago
Is there any ongoing effort to upgrade the cmark version used in this package? I see the vulnerability in cmark was patched in version 0.29.0.gfm.10 - https://www.cve.org/CVERecord?id=CVE-2023-26485.
Go for it
Was this fixed in #30?
Yes, thanks
Hello, the cmark version in this R package is affected by CVE-2023-26485. I am not sure about the practical impact on the package, but to clear the issue out of the way, would it be possible to upgrade? Thanks!