CVE-2023-26485

[charles-plessy]

Hello, the cmark version in this R package is affected by CVE-2023-26485. I am not sure about the practical impact on the package, but to clear the issue out of the way, would it be possible to upgrade? Thanks!

[trbailey326]

Is there any ongoing effort to upgrade the cmark version used in this package? I see the vulnerability in cmark was patched in version 0.29.0.gfm.10 - https://www.cve.org/CVERecord?id=CVE-2023-26485.

[jeroen]

Go for it

[infotroph]

Was this fixed in #30?

[jeroen]

Yes, thanks