Search CVE reports
1 – 4 of 4 results
CVE-2022-40896
Medium priorityA ReDoS issue was discovered in pygments/lexers/smithy.py in pygments through 2.15.0 via SmithyLexer.
1 affected packages
pygments
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
pygments | Not affected | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2021-27291
Medium prioritySome fixes available 13 of 25
In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular expressions. Some of the regular expressions have exponential or cubic worst-case complexity and are vulnerable to ReDoS. By...
2 affected packages
eric, pygments
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
eric | Vulnerable | Vulnerable | Needs evaluation | Needs evaluation | Needs evaluation |
pygments | Fixed | Fixed | Fixed | Fixed | Fixed |
CVE-2021-20270
Medium priorityAn infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the "exception" keyword.
1 affected packages
pygments
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
pygments | — | Fixed | Fixed | Fixed | Fixed |
CVE-2015-8557
Medium priorityThe FontManager._get_nix_font_path function in formatters/img.py in Pygments 1.2.2 through 2.0.2 allows remote attackers to execute arbitrary commands via shell metacharacters in a font name.
1 affected packages
pygments
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
pygments | — | — | — | — | — |