Issued at: 2026-06-28
Updated at: 2026-06-30
Synopsis
Important: pandoc security update
Description
Pandoc is a markdown/markup conversion tool. The version of pandoc in Rocky Linux 8 CRB uses cmark-gfm (GitHub's extended version of the C reference implementation of CommonMark) for parts of its conversion. The update, fixes CVE-2022-24724: an integer overflow in cmark-gfm's table row parsing which may lead to heap memory corruption when parsing tables with more than UINT16_MAX columns.
Security Fix(es):
* cmark-gfm: possible RCE due to integer overflow (CVE-2022-24724)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.