
29 matches found

OSV
added 2026/04/08 2:49 a.m. | 1 view

MGASA-2026-0090 Updated python-pygments packages fix security vulnerability

A security flaw in Pygments function AdlLexer in archetype.py stems from a regular expression having an inefficient, possibly exponential worst-case computational complexity that consumes excessive CPU cycles. CVE-2026-4539...

CVSS 4.8 | AI score 5.7 | EPSS 0.00007
Exploits: 0 | References: 3

SUSE CVE
added 2026/03/26 5:10 p.m. | 2 views

SUSE CVE-2026-4539

A security flaw has been discovered in pygments up to 2.19.2. The impacted element is the function AdlLexer of the file pygments/lexers/archetype.py. The manipulation results in inefficient regular expression complexity. The attack is only possible with local access. The exploit has been released...

CVSS 3.3 | AI score 5.4 | EPSS 0.00007
Exploits: 0 | References: 5

Snyk
added 2026/03/22 8:38 a.m. | 2 views

Regular Expression Denial of Service (ReDoS)

Overview: Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) via the AdlLexer class in the archetype.py file. A user can cause excessive resource consumption. Details: Denial of Service (DoS) describes a family of attacks, all aimed at making a system...

CVSS 4.8 | AI score 5.8 | EPSS 0.00007
Exploits: 0 | References: 2

UbuntuCve
added 2026/03/22 6:16 a.m. | 2 views

CVE-2026-4539

A security flaw has been discovered in pygments up to 2.19.2. The impacted element is the function AdlLexer of the file pygments/lexers/archetype.py. The manipulation results in inefficient regular expression complexity. The attack is only possible with local access. The exploit has been released...

CVSS 4.8 | AI score 5.5 | EPSS 0.00007
Exploits: 0 | References: 6

OSV
added 2026/03/22 6:16 a.m. | 3 views

UBUNTU-CVE-2026-4539

A security flaw has been discovered in pygments up to 2.19.2. The impacted element is the function AdlLexer of the file pygments/lexers/archetype.py. The manipulation results in inefficient regular expression complexity. The attack is only possible with local access. The exploit has been released...

CVSS 4.8 | AI score 5.4 | EPSS 0.00007
Exploits: 0 | References: 7

ATTACKERKB
added 2026/03/22 5:35 a.m. | 5 views

CVE-2026-4539

A security flaw has been discovered in pygments up to 2.19.2. The impacted element is the function AdlLexer of the file pygments/lexers/archetype.py. The manipulation results in inefficient regular expression complexity. The attack is only possible with local access. The exploit has been released...

CVSS 4.8 | AI score 5.4 | EPSS 0.00007
Exploits: 0 | References: 5

CNNVD
added 2026/03/22 12:0 a.m. | 3 views

Matthäus G. Chajdas pygments security vulnerability

Matthäus G. Chajdas’ pygments is an open-source application developed by Matthäus G. Chajdas. It provides a general-purpose syntax highlighting tool. Versions of Matthäus G. Chajdas’ pygments prior to 2.19.2 contained security vulnerabilities. These vulnerabilities were caused by inefficient...

CVSS 4.8 | AI score 5.7 | EPSS 0.00007
Exploits: 0 | References: 6

OSV
added 2026/02/04 1:59 p.m. | 2 views

CLSA-2026-1770213583 Update of microcode_ctl

Update Intel CPU microcode to 20251111: - Addition of cpuid:806F8/0x10 SPR-HBM B3 microcode in microcode.dat at revision 0x2c000410; - Addition of cpuid:806F8/0x87 SPR-SP E5/S3 microcode in microcode.dat at revision 0x2b000650; - Addition of cpuid:90672/0x07 ADL-HX/S 8+8 C0 microcode in...

AI score 5.7
Exploits: 0 | References: 1

OSV
added 2026/02/04 1:57 p.m. | 5 views

CLSA-2026-1770213436 Update of microcode_ctl

Update Intel CPU microcode to 20251111: - Addition of cpuid:806F8/0x10 SPR-HBM B3 microcode in microcode.dat at revision 0x2c000410; - Addition of cpuid:806F8/0x87 SPR-SP E5/S3 microcode in microcode.dat at revision 0x2b000650; - Addition of cpuid:90672/0x07 ADL-HX/S 8+8 C0 microcode in...

AI score 5.7
Exploits: 0 | References: 1

OSSF Malicious Packages
added 2025/03/14 1:2 a.m. | 2 views

Malicious code in adl-commons-lib-node-pp-parameter-store (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c31f2a945e64c66f470f0fd05f5096d25dccd70f1efe9f48eefc252686506e7a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 6.9
Exploits: 0 | References: 3

OSV
added 2025/03/14 1:2 a.m. | 2 views

MAL-2025-2356 Malicious code in adl-commons-lib-node-pp-parameter-store (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c31f2a945e64c66f470f0fd05f5096d25dccd70f1efe9f48eefc252686506e7a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 7
Exploits: 0 | References: 3

OSV
added 2024/11/26 3:36 a.m. | 13 views

SUSE-SU-2024:4053-1 Security update for ucode-intel

This update for ucode-intel fixes the following issues: - Intel CPU Microcode was updated to the 20241112 release bsc1233313 - CVE-2024-21853: Faulty finite state machines (FSMs) in the hardware logic in some 4th and 5th Generation Intel Xeon Processors may allow an authorized user to potentially...

CVSS 8.8 | AI score 6 | EPSS 0.00071
Exploits: 0 | References: 7

OSV
added 2024/08/09 2:31 a.m. | 3 views

MAL-2024-8012 Malicious code in @avaldigitallabs/adl-pfm-lib-web-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 95ed6f4ad493c3bd3069194fa08ab5dd589b970ecc22219f0b5bf9162b0ecfa9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 7
Exploits: 0 | References: 1

Cvelist
added 2024/07/29 3:48 p.m. | 23 views

CVE-2024-41092 drm/i915/gt: Fix potential UAF by revoke of fence registers

In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: Fix potential UAF by revoke of fence registers CI has been sporadically reporting the following issue triggered by igt@i915selftest@live@hangcheck on ADL-P and similar machines: 414.049203 i915: Running...

EPSS 0.00015
Exploits: 0 | References: 6

CVE
added 2023/02/09 8:46 p.m. | 40 views

CVE-2023-23631

The CVE-2023-23631 entry affects github.com/ipfs/go-unixfsnode, an ADL IPLD prime node that wraps go-codec-dagpb protobuf to enable pathing. The root cause is a bogus fanout parameter in HAMT directory nodes, and reading malformed HAMT sharded directories can trigger panics and virtual memory lea...

CVSS 7.5 | AI score 6.3 | EPSS 0.00779
Exploits: 0 | References: 4 | Affected Software: 1

OSV
added 2023/02/09 8:46 p.m. | 8 views

CVE-2023-23631 HAMT Decoding Panics in github.com/ipfs/go-unixfsnode

github.com/ipfs/go-unixfsnode is an ADL IPLD prime node that wraps go-codec-dagpb's implementation of protobuf to enable pathing. In versions prior to 1.5.2, trying to read malformed HAMT sharded directories can cause panics and virtual memory leaks. If you are reading untrusted user input, an...

CVSS 5.9 | AI score 7.3 | EPSS 0.00779
Exploits: 0 | References: 6

Cvelist
added 2023/02/09 8:46 p.m. | 9 views

CVE-2023-23631 HAMT Decoding Panics in github.com/ipfs/go-unixfsnode

github.com/ipfs/go-unixfsnode is an ADL IPLD prime node that wraps go-codec-dagpb's implementation of protobuf to enable pathing. In versions prior to 1.5.2, trying to read malformed HAMT sharded directories can cause panics and virtual memory leaks. If you are reading untrusted user input, an...

CVSS 5.9 | AI score 7.5 | EPSS 0.00779
Exploits: 0 | References: 4

RedHat Linux
added 2022/09/13 9:49 a.m. | 115 views

Moderate: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...

CVSS 7.8 | AI score 6.6 | EPSS 0.00536
Exploits: 0 | References: 4

NVD
added 2022/08/16 8:15 a.m. | 11 views

CVE-2022-33939

CENTUM VP / CS 3000 controller FCS CP31, CP33, CP345, CP401, and CP451 contains an issue in processing communication packets, which may lead to resource consumption. If this vulnerability is exploited, an attacker may cause a denial of service (DoS) condition in ADL communication by sending a...

CVSS 7.5 | EPSS 0.00263
Exploits: 0 | References: 3

ATTACKERKB
added 2022/08/16 8:15 a.m. | 0 views

CVE-2022-33939

CENTUM VP / CS 3000 controller FCS CP31, CP33, CP345, CP401, and CP451 contains an issue in processing communication packets, which may lead to resource consumption. If this vulnerability is exploited, an attacker may cause a denial of service (DoS) condition in ADL communication by sending a...

CVSS 7.5 | AI score 5.9 | EPSS 0.00263
Exploits: 0 | References: 4