An integer overflow in cmark-gfm’s table row parsing may lead to heap memory corruption when parsing tables who’s marker rows contain more than UINT16_MAX columns.
Disabling any use of the table extension of cmark-gfm will prevent this vulnerability from being triggered.