- >= 0.23.6
cmark-gfm for rendering Github Flavored
Markdown. A polynomial time complexity issue
in cmark-gfm’s autolink extension may lead to unbounded resource exhaustion
and subsequent denial of service.
This vulnerability has been patched in the following CommonMarker release:
Disable use of the autolink extension.