Lucene search
MitreCVELIST:CVE-2015-8557HistoryJan 08, 2016 - 8:00 p.m.
CVE-2015-8557
2016-01-0820:00:00
mitre
www.cve.org
4
The FontManager._get_nix_font_path function in formatters/img.py in Pygments 1.2.2 through 2.0.2 allows remote attackers to execute arbitrary commands via shell metacharacters in a font name.
References
packetstormsecurity.com/files/133823/Pygments-FontManager._get_nix_font_path-Shell-Injection.html
seclists.org/fulldisclosure/2015/Oct/4
www.debian.org/security/2016/dsa-3445
www.openwall.com/lists/oss-security/2015/12/14/17
www.openwall.com/lists/oss-security/2015/12/14/6
www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
www.ubuntu.com/usn/USN-2862-1
bitbucket.org/birkenfeld/pygments-main/pull-requests/501/fix-shell-injection-in/diff
security.gentoo.org/glsa/201612-05
Related
nessus
nessus
GLSA-201612-05 : Pygments: Arbitrary code execution
2016-12-05 00:00:00
EulerOS 2.0 SP3 : python-pygments (EulerOS-SA-2022-1185)
2022-02-23 00:00:00
RHEL 7 : python-pygments (Unpatched Vulnerability)
2024-06-03 00:00:00
amazon
amazon
Important: python-pygments
2015-12-14 15:14:00
openvas
openvas
Mageia: Security Advisory (MGASA-2015-0478)
2015-12-18 00:00:00
Huawei EulerOS: Security Advisory for python-pygments (EulerOS-SA-2024-1162)
2024-02-09 00:00:00
Amazon Linux: Security Advisory (ALAS-2015-630)
2015-12-16 00:00:00
mageia
mageia
Updated python-pygments packages fix security vulnerability
2015-12-17 23:19:23
github
github
Command Injection in Pygments
2022-05-17 02:37:56
debian
debian
[SECURITY] [DSA 3445-1] pygments security update
2016-01-13 22:13:38
[SECURITY] [DLA 369-1] pygments security update
2015-12-15 18:25:47
[SECURITY] [DSA 3445-1] pygments security update
2016-01-13 22:13:38
osv
osv
PYSEC-2016-32
2016-01-08 20:59:00
Command Injection in Pygments
2022-05-17 02:37:56
pygments - security update
2015-12-15 00:00:00
nvd
nvd
CVE-2015-8557
2016-01-08 20:59:02
gentoo
gentoo
Pygments: Arbitrary code execution
2016-12-04 00:00:00
prion
prion
Design/Logic Flaw
2016-01-08 20:59:00
ubuntucve
ubuntucve
CVE-2015-8557
2015-12-16 00:00:00
ubuntu
ubuntu
Pygments vulnerability
2016-01-07 00:00:00
freebsd
freebsd
pygments -- shell injection vulnerability
2015-09-28 00:00:00
debiancve
debiancve
CVE-2015-8557
2016-01-08 20:59:02
cve
cve
CVE-2015-8557
2016-01-08 20:59:02