ruby-advisory-db

Advisory Schema - Is :description a type of markdown/markup?

Open istrasci opened this issue 1 year ago • 1 comments

Looking at the Schema section of the README, we can see that both gems and rubies have an associated description attribute that says:

[String] (required): One or more paragraphs describing the vulnerability. It may contain multiple paragraphs.

My question is, does this text follow some type of markdown/markup formatting? I've seen several advisories that indicate so (containing # Headers, [Some Links](URL), etc.), but I'm wondering if that's coincidental, or if it's always the case. If so, which "flavour" does it follow? And do any of the other string attributes contain markdown/markup as well?

Basically, I'm doing some bundler-audit automation to email the vulnerabilities found. I'd like to run the :description (and possibly other attributes) through some converter to properly format the email HTML.

istrasci, Aug 21 '23 19:08

description was not originally supposed to contain markdown, but markdown has gotten into it over the years, when copy/pasted from advisories. You could try to render description and then fall back to raw text on parse errors. Hope that helps.

postmodern, Aug 22 '23 00:08
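The render-then-fall-back approach suggested in the reply, as an added Ruby example that is not part of the original thread or of ruby-advisory-db. The sample advisory is constructed, the `renderer:` hook and helper names are hypothetical, and kramdown is an assumed choice of Markdown library.

```ruby
require "erb"
require "yaml"

# Constructed sample advisory (not a real entry); keys follow the README schema.
ADVISORY_YAML = <<~'YAML'
  gem: examplegem
  title: Example issue in examplegem
  description: |
    # Summary

    Input containing <script> & "quotes" is not escaped.

    See [the report](https://example.com/report).
YAML

# Fallback: treat the description as plain paragraphs and HTML-escape all of it.
def plain_text_html(text)
  paragraphs = text.strip.split(/\n{2,}/)
  paragraphs.map { |para|
    "<p>#{ERB::Util.html_escape(para.strip).gsub("\n", "<br>")}</p>"
  }.join("\n")
end

# renderer: any callable taking Markdown and returning HTML (hypothetical hook).
# A raised error or an empty result falls back to the escaped plain text.
def description_html(text, renderer: nil)
  return plain_text_html(text) unless renderer
  html = renderer.call(text).to_s
  html.strip.empty? ? plain_text_html(text) : html
rescue StandardError
  plain_text_html(text)
end

# Assumption: kramdown as the Markdown library; returns nil if it is not installed.
def default_renderer
  require "kramdown"
  ->(markdown) { Kramdown::Document.new(markdown).to_html }
rescue LoadError
  nil
end

if __FILE__ == $PROGRAM_NAME
  description = YAML.safe_load(ADVISORY_YAML)["description"]
  puts description_html(description, renderer: default_renderer)
end
```

A Markdown renderer may pass raw HTML in the description through unchanged, so sanitize the renderer's output before placing it in the email body.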