Potential security issue

vsch / flexmark-java

CommonMark/Markdown Java parser with source level AST. CommonMark 0.28, emulation of: pegdown, kramdown, markdown.pl, MultiMarkdown. With HTML to MD, MD to PDF, MD to DOCX conversion modules.

BSD 2-Clause "Simplified" License

2.21k stars 260 forks source link

Potential security issue #572

Closed psmoros closed 1 year ago

psmoros commented 1 year ago

Hello 👋

I run a security community that finds and fixes vulnerabilities in OSS. A researcher (@poppingsnack) has found a potential issue, which I would be eager to share with you.

Could you add a SECURITY.md file with an e-mail address for me to send further details to? GitHub recommends a security policy to ensure issues are responsibly disclosed, and it would help direct researchers in the future.

Looking forward to hearing from you 👍

(cc @huntr-helper)

vsch commented 1 year ago

Added Security.md file. Issues should be reported either by opening an issue or e-mailing to the e-mail shown in the GitHub account profile.