has security vulnerabilities points to MathJax 2.7.2.

MathJax 2.7.2 is affected by the following vulnerabilities: (fixed by 2.7.4) (still present in 2.7.9, disputed by vendor)

I recommend the site point to 2.7.9, which should be backwards compatible with 2.7.2. The next version after 2.7.9 is 3.0, which has many breaking changes.

2.7.9 can be found at

See also MathJax 2.7.2 dependency has security vulnerabilities · Issue #2557 · rstudio/rmarkdown (

perhaps you could bump this issue ; I'm thinking its related :
Update to latest release of MathJax 2.7 · Issue #11535 · rstudio/rstudio (
" [cderv] has reached out to ask about the ownership of, but not yet received a response"

Thanks @mmitchell-w and @nirgrahamuk, I've sent a note to our internal folks.