RUSTSEC-2021-0026: comrak: XSS in `comrak` February 21, 2021 Description The comrak we were matching unsafe URL prefixes, such as data: or javascript: , in a case-sensitive manner. This meant prefixes like Data: were untouched. More Info https://github.com/kivikakk/comrak/releases/tag/0.9.1 Patched Versions >=0.9.1