380 matches found

RedhatCVE
added 2021/03/05 10:35 a.m. · 46 views

CVE-2021-20270

An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the "exception" keyword...

CVSS 7.5 · AI score 3.3 · EPSS 0.00223
Exploits: 0 · References: 3

Tenable Nessus
added 2021/02/08 12:0 a.m. · 12 views

Fedora 33 : python-pygments (2021-175e686ca6)

The remote Fedora 33 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2021-175e686ca6 advisory. - Backport upstream patch to fix CVE 1922137 FEDORA-2021-175e686ca6 Note that Nessus has not tested for this issue but has instead relied only on the...

AI score 5.6
Exploits: 0 · References: 1

Tenable Nessus
added 2021/02/08 12:0 a.m. · 10 views

Fedora 32 : python-pygments (2021-33abbae37b)

The remote Fedora 32 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2021-33abbae37b advisory. - Security fix for PUT CVEs HERE FEDORA-2021-33abbae37b Note that Nessus has not tested for this issue but has instead relied only on the application's...

AI score 5.6
Exploits: 0 · References: 1

OpenVAS
added 2021/02/08 12:0 a.m. · 7 views

Fedora: Security Advisory for python-pygments (FEDORA-2021-33abbae37b)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AI score 7.5
Exploits: 0 · References: 2

OpenVAS
added 2021/02/08 12:0 a.m. · 8 views

Fedora: Security Advisory for python-pygments (FEDORA-2021-175e686ca6)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AI score 7.5
Exploits: 0 · References: 2

Fedora
added 2021/02/07 1:39 a.m. · 70 views

[SECURITY] Fedora 32 Update: python-pygments-2.4.2-8.fc32

Pygments is a generic syntax highlighter for general use in all kinds of software such as forum systems, wikis or other applications that need to prettify source code. Highlights are: a wide range of common languages and markup formats is supported; special attention is paid to details that increa...

AI score 7.3
Exploits: 0

Fedora
added 2021/02/07 1:34 a.m. · 64 views

[SECURITY] Fedora 33 Update: python-pygments-2.6.1-5.fc33

Pygments is a generic syntax highlighter for general use in all kinds of software such as forum systems, wikis or other applications that need to prettify source code. Highlights are: a wide range of common languages and markup formats is supported; special attention is paid to details that increa...

AI score 7.3
Exploits: 0

Veracode
added 2021/02/02 1:30 a.m. · 25 views

Denial Of Service (DoS)

pygments is vulnerable to denial of service (DoS). The vulnerability exists through an infinite loop in the SML lexer through the lookahead-only regular expression pattern used...

CVSS 7.5 · AI score 3.4 · EPSS 0.00223
Exploits: 0 · References: 6 · Affected Software: 13

Positive Technologies
added 2021/01/03 12:0 a.m. · 1 views

PT-2021-3609 · Pypi +9 · Pygments +9

Name of the Vulnerable Software and Affected Versions: Pygments versions 1.1 through 2.7.3 Description: The issue is related to the use of regular expressions in the Pygments syntax highlighting program. Some of the regular expressions have exponential or cubic worst-case complexity and are...

CVSS 9.8 · AI score 6.9 · EPSS 0.034
Exploits: 22 · References: 229

Positive Technologies
added 2020/12/10 12:0 a.m. · 1 views

PT-2020-6145 · Pygments +10 · Pygments +10

Name of the Vulnerable Software and Affected Versions: Pygments versions 1.5 to 2.7.3 Description: The issue is related to an infinite loop in the SMLLexer function of the Pygments library. This can lead to a denial of service when performing syntax highlighting of a Standard ML (SML) source file...

CVSS 9.8 · AI score 6.3 · EPSS 0.034
Exploits: 22 · References: 211

Rockylinux
added 2019/11/05 5:33 p.m. · 15 views

python36:3.6 bug fix and enhancement update

An update is available for python-pymongo, python-docutils, python-pygments, python-PyMySQL, python-docs, python36, python-virtualenv, python-distro, python-nose, python-wheel, scipy. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed...

AI score 1.8
Exploits: 0

Rockylinux
added 2019/09/10 3:32 p.m. · 13 views

python36:3.6 bug fix update

An update is available for python-docutils, python-pygments, python-PyMySQL, python-docs, python36, python-nose. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list...

AI score 0.5
Exploits: 0

Oracle linux
added 2019/07/30 12:0 a.m. · 57 views

python27:2.7 security update

Cython 0.28.1-7 - Bumping due to problems with modular RPM upgrade path 1695587 - Related: rhbz1693974 PyYAML 3.12-16 - Bumping due to problems with modular RPM upgrade path 1695587 - Related: rhbz1693974 babel 2.5.1-9 - Bumping due to problems with modular RPM upgrade path 1695587 - Related:...

CVSS 9.8 · AI score 1.1 · EPSS 0.08764
Exploits: 3

Oracle linux
added 2019/07/30 12:0 a.m. · 48 views

python36:3.6 security update

python-PyMySQL 0.8.0-10 - Bumping due to problems with modular RPM upgrade path 1695587 - Related: rhbz1693974 python-docs 3.6.7-2 - Bumping due to problems with modular RPM upgrade path - Resolves: rhbz1695587 python-docutils 0.14-12 - Bumping due to problems with modular RPM upgrade path 169558...

CVSS 9.8 · AI score 1.3 · EPSS 0.0189
Exploits: 3

OSV
added 2019/04/20 12:29 a.m. · 2 views

AZL-40759 CVE-2019-11358 affecting package python-pygments for versions less than 2.7.4-1

jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype...

CVSS 6.1 · AI score 6.7 · EPSS 0.01532
Exploits: 4 · References: 1

0day.today
added 2017/05/01 12:0 a.m. · 61 views

SyntaxHighlight 2.0 MediaWiki 1.28.0 Stored Cross Site Scripting Vulnerability

A vulnerability was found in the SyntaxHighlight MediaWiki extension. Using this vulnerability it is possible for an anonymous attacker to pass arbitrary options to the Pygments library. By specifying specially crafted options, it is possible for an attacker to trigger a stored cross site scripti...

AI score 9.2 · EPSS 0.58351
Exploits: 5

Packet Storm
added 2017/04/29 12:0 a.m. · 65 views

SyntaxHighlight 2.0 MediaWiki 1.28.0 Stored Cross Site Scripting

SyntaxHighlight MediaWiki extension allows injection of arbitrary Pygments options. Yorick Koster, February 2017...

AI score 0.2 · EPSS 0.58351
Exploits: 5

Tenable Nessus
added 2016/12/05 12:0 a.m. · 38 views

GLSA-201612-05 : Pygments: Arbitrary code execution

The remote host is affected by the vulnerability described in GLSA-201612-05 (Pygments: Arbitrary code execution). A vulnerability in FontManager's _get_nix_font_path function allows shell metacharacters to be passed in a font name. Impact: A remote attacker could possibly execute arbitrary code with th...

CVSS 9.3 · AI score 8.7 · EPSS 0.07449
Exploits: 0 · References: 2

Gentoo Linux
added 2016/12/04 12:0 a.m. · 45 views

Pygments: Arbitrary code execution

Background: Pygments is a generic syntax highlighter suitable for use in code hosting, forums, wikis or other applications that need to prettify source code. Description: A vulnerability in FontManager's _get_nix_font_path function allows shell metacharacters to be passed in a font name. Impact: A remot...

CVSS 9.3 · AI score 9.4 · EPSS 0.07449
Exploits: 0

Tenable Nessus
added 2016/03/04 12:0 a.m. · 24 views

Fedora 23 : python-pygments-2.0.2-3.fc23 (2015-c045f2ab1a)

python-pygments-2.0.2-3.fc22 - Backport patch to fix font manager shell injection for BZ1276321 python-pygments-2.0.2-3.fc23 - Backport patch to fix font manager shell injection for BZ1276321 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...

AI score 5.5
Exploits: 0 · References: 2