2 matches found
Pygments Arbitrary Command Execution Vulnerability
Pygments is a set of syntax highlighting tools that can be used in forums, wikis and other web applications with command line tools and development packages. A security vulnerability in the 'FontManager.getnixfontpath' function in Pygments' formatters/img.py file allows remote attackers to execut...
UBUNTU-CVE-2015-8557
The FontManager.getnixfontpath function in formatters/img.py in Pygments 1.2.2 through 2.0.2 allows remote attackers to execute arbitrary commands via shell metacharacters in a font name...