49 matches found
EUVD-2016-0026
Malware in sbrugna...
EUVD-2023-36535
Malicious code in bioql PyPI...
RHEL 6 : python-pygments (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - python-pygments: Shell injection in FontManager.getnixfontpath CVE-2015-8557 Note that Nessus has not tested for th...
RHEL 7 : python-pygments (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - python-pygments: Shell injection in FontManager.getnixfontpath CVE-2015-8557 Note that Nessus has not tested for th...
EulerOS 2.0 SP5 : python-pygments (EulerOS-SA-2024-1162)
According to the versions of the python-pygments package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The FontManager.getnixfontpath function in formatters/img.py in Pygments 1.2.2 through 2.0.2 allows remote attackers to execute arbitrar...
CVE-2023-32281
The affected application lacks proper validation of user-supplied data when parsing project files e.g., CSP. This could lead to an out-of-bounds read in the FontManager. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process...
CVE-2023-32281
The affected application lacks proper validation of user-supplied data when parsing project files e.g., CSP. This could lead to an out-of-bounds read in the FontManager. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process...
CVE-2023-32281
CVE-2023-32281 corresponds to a vulnerability in Horner Automation software where parsing CSP project files can trigger an out-of-bounds read in the FontManager, potentially allowing arbitrary code execution in the affected process. The issue is tied to improper validation of user-supplied data d...
Command Injection in Pygments
The FontManager.getnixfontpath function in formatters/img.py in Pygments 1.2.2 through 2.0.2 allows remote attackers to execute arbitrary commands via shell metacharacters in a font name...
GHSA-FFF8-4W9P-7V76 Command Injection in Pygments
The FontManager.getnixfontpath function in formatters/img.py in Pygments 1.2.2 through 2.0.2 allows remote attackers to execute arbitrary commands via shell metacharacters in a font name...
Huawei EulerOS: Security Advisory for python-pygments (EulerOS-SA-2022-1185)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP3 : python-pygments (EulerOS-SA-2022-1185)
According to the versions of the python-pygments package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The FontManager.getnixfontpath function in formatters/img.py in Pygments 1.2.2 through 2.0.2 allows remote attackers to execute arbitrar...
GLSA-201612-05 : Pygments: Arbitrary code execution
The remote host is affected by the vulnerability described in GLSA-201612-05 Pygments: Arbitrary code execution A vulnerability in FontManagers getnixfontpath function allows shell metacharacters to be passed in a font name. Impact : A remote attacker could possibly execute arbitrary code with th...
Pygments: Arbitrary code execution
Background Pygments is a generic syntax highlighter suitable for use in code hosting, forums, wikis or other applications that need to prettify source code. Description A vulnerability in FontManager’s getnixfontpath function allows shell metacharacters to be passed in a font name. Impact A remot...
CVE-2015-8557
The FontManager.getnixfontpath function in formatters/img.py in Pygments 1.2.2 through 2.0.2 allows remote attackers to execute arbitrary commands via shell metacharacters in a font name...
Design/Logic Flaw
The FontManager.getnixfontpath function in formatters/img.py in Pygments 1.2.2 through 2.0.2 allows remote attackers to execute arbitrary commands via shell metacharacters in a font name...
PYSEC-2016-32
The FontManager.getnixfontpath function in formatters/img.py in Pygments 1.2.2 through 2.0.2 allows remote attackers to execute arbitrary commands via shell metacharacters in a font name...
CVE-2015-8557
CVE-2015-8557 affects Pygments up to version 2.0.2. The vulnerability lies in FontManager._get_nix_font_path (formatters/img.py) where font names containing shell metacharacters can lead to arbitrary command execution. Several sources (GHSA advisory, GLSA, Debian security notes, CNVD/Chinese trac...
CVE-2015-8557
The FontManager.getnixfontpath function in formatters/img.py in Pygments 1.2.2 through 2.0.2 allows remote attackers to execute arbitrary commands via shell metacharacters in a font name...
CVE-2015-8557
The FontManager.getnixfontpath function in formatters/img.py in Pygments 1.2.2 through 2.0.2 allows remote attackers to execute arbitrary commands via shell metacharacters in a font name...