Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

380 matches found

CVE
CVEadded 2021/03/17 12:31 p.m.308 views

CVE-2021-27291

CVE-2021-27291 affects pygments: the regex-based lexers used to parse languages can exhibit exponential/cubic worst-case behavior, enabling ReDoS with crafted input and potentially causing DoS. The issue is documented as fixed in pygments 2.7.4. Connected advisories reference python-pygments upgr...

7.5CVSS7.4AI score0.034EPSS
Exploits1References9Affected Software1
Debian CVE
Debian CVEadded 2021/03/17 12:31 p.m.41 views

CVE-2021-27291

In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular expressions. Some of the regular expressions have exponential or cubic worst-case complexity and are vulnerable to ReDoS. By crafting malicious input, an attacker can cause a denial of service...

7.5CVSS8.1AI score0.034EPSS
Exploits1
FreeBSD
FreeBSDadded 2021/03/17 12:0 a.m.37 views

py-pygments -- multiple DoS vulnerabilities

Red Hat reports: An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML SML source file, as demonstrated by input that only contains the "exception" keyword. Ben Caller reports: In pygments 1.1+, fixed in...

6.7AI score
Exploits0References4
CNNVD
CNNVDadded 2021/03/17 12:0 a.m.0 views

Matthäus G. Chajdas pygments 安全漏洞

Matthäus G. Chajdas pygments is an open source application by Matthäus G. Chajdas. Provides general syntax highlighting tool functionality. A security vulnerability exists in pygments 1.1+, which can be exploited by attackers to cause a denial of service...

7.5CVSS7.5AI score0.034EPSS
Exploits1References26
Tenable Nessus
Tenable Nessusadded 2021/03/15 12:0 a.m.28 views

Debian DSA-4870-1 : pygments - security update

It was discovered that Pygments, a syntax highlighting package written in Python, could be forced into an infinite loop, resulting in denial of service. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4870. T...

7.5CVSS7.4AI score0.00223EPSS
Exploits0References4
Tenable Nessus
Tenable Nessusadded 2021/03/15 12:0 a.m.38 views

Debian DLA-2590-1 : pygments security update

It was found that pygments, a generic syntax highlighter, is vulnerable to a CPU exhaustion attack via a crafted SML file. For Debian 9 stretch, this problem has been fixed in version 2.2.0+dfsg-1+deb9u1. We recommend that you upgrade your pygments packages. For the detailed security status of...

7.5CVSS7.2AI score0.00223EPSS
Exploits0References4
OpenVAS
OpenVASadded 2021/03/14 12:0 a.m.21 views

Debian: Security Advisory (DSA-4870-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.00223EPSS
Exploits0References4
OpenVAS
OpenVASadded 2021/03/13 12:0 a.m.27 views

Debian: Security Advisory (DLA-2590-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.00223EPSS
Exploits0References4
Debian
Debianadded 2021/03/12 9:43 p.m.89 views

[SECURITY] [DSA 4870-1] pygments security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4870-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 12, 2021 https://www.debian.org/security/faq -...

7.5CVSS7.7AI score0.00223EPSS
Exploits0
Debian
Debianadded 2021/03/12 10:8 a.m.90 views

[SECURITY] [DLA 2590-1] pygments security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2590-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort March 12, 2021 https://wiki.debian.org/LTS -...

7.5CVSS7.6AI score0.00223EPSS
Exploits0
OSV
OSVadded 2021/03/12 12:0 a.m.34 views

DSA-4870-1 pygments - security update

Bulletin has no description...

7.5CVSS7.7AI score0.00223EPSS
Exploits0
OSV
OSVadded 2021/03/12 12:0 a.m.36 views

DLA-2590-1 pygments - security update

Bulletin has no description...

7.5CVSS7.7AI score0.00223EPSS
Exploits0
RedHat Linux
RedHat Linuxadded 2021/03/09 4:10 p.m.4 views

python-pygments: Infinite loop in SML lexer may lead to DoS

An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML SML source file, as demonstrated by input that only contains the "exception" keyword...

7.5CVSS7.4AI score0.00223EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2021/03/09 4:10 p.m.3 views

python-pygments: ReDoS in multiple lexers

A denial of service attack was discovered against pygments. Some of the regular expressions used to tokenise source code for highlighting have exponential complexity. A specially crafted input file could cause pygments to take effectively infinite time to parse, consuming CPU resources and denyin...

7.5CVSS7.4AI score0.034EPSS
Exploits1References4
RedHat Linux
RedHat Linuxadded 2021/03/09 4:10 p.m.78 views

Moderate: Red Hat Security Advisory: Red Hat Ansible Automation Platform 1.2.2 security and bug fix update

An update is now available for Red Hat Ansible Automation Platform 1.2.2. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

7.5CVSS6.7AI score0.41482EPSS
Exploits3References5
UbuntuCve
UbuntuCveadded 2021/03/09 12:0 a.m.33 views

CVE-2021-20270

An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML SML source file, as demonstrated by input that only contains the "exception" keyword...

7.5CVSS6.9AI score0.00223EPSS
Exploits0References3
OSV
OSVadded 2021/03/09 12:0 a.m.0 views

UBUNTU-CVE-2021-20270

An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML SML source file, as demonstrated by input that only contains the "exception" keyword...

7.5CVSS6.9AI score0.00223EPSS
Exploits0References4
CNNVD
CNNVDadded 2021/03/09 12:0 a.m.1 views

Red Hat Ansible Automation 安全漏洞

Pygments is a general-purpose syntax highlighting tool for code hosting, forums, wikis, or other applications that need to beautify their source code. A denial of service vulnerability exists in Pygments versions 1.5 through 2.7.3. The vulnerability arises due to an infinite loop in the SMLLexer ...

7.5CVSS8.4AI score0.00223EPSS
Exploits0References22
Mageia
Mageiaadded 2021/03/05 4:15 p.m.14 views

Updated python-pygments packages fix a security vulnerability

Infinite loop in SML lexer may lead to DoS. When the SMLLexer gets fed the string "exception" it seems to loop indefinitely rhbz1922136...

1.5AI score
Exploits0References2
OSV
OSVadded 2021/03/05 4:15 p.m.2 views

MGASA-2021-0114 Updated python-pygments packages fix a security vulnerability

Infinite loop in SML lexer may lead to DoS. When the SMLLexer gets fed the string "exception" it seems to loop indefinitely rhbz1922136...

7AI score
Exploits0References3
Rows per page
Query Builder