CVE-2024-22051

Name of the Vulnerable Software and Affected Versions CommonMarker versions prior to 0.23.4

Description The issue is related to an integer overflow vulnerability in the CommonMarker library. This vulnerability can be exploited by remote attackers to cause heap memory corruption, potentially leading to an information leak or remote code execution. The vulnerability occurs when parsing tables with marker rows that contain more than UINT16 MAX columns.

Recommendations For CommonMarker versions prior to 0.23.4, update to version 0.23.4 to resolve the issue. As a temporary workaround, consider disabling the use of the table extension in cmark-gfm to prevent the vulnerability from being triggered.