395 matches found
UBUNTU-CVE-2026-58030
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation SyntaxHighlightGeSHi. This vulnerability is associated with program files includes/SyntaxHighlight.Php. This issue affects SyntaxHighlightGeSHi: from before 1.46.0,...
CVE-2026-58030
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation SyntaxHighlightGeSHi. This vulnerability is associated with program files includes/SyntaxHighlight.Php. This issue affects SyntaxHighlightGeSHi: from before 1.46.0,...
PYSEC-2026-301 Bugsink is vulnerable to Stored XSS via Pygments fallback in stacktrace rendering
Summary An unauthenticated attacker who can submit events to a Bugsink project can store arbitrary JavaScript in an event. The payload executes only if a user explicitly views the affected Stacktrace in the web UI. Details When Pygments returns more lines than it was given a known upstream quirk...
Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerabilities in pygments-2.19.2-py3-none-any.whl
Summary IBM Watson Discovery Cartridge affected by vulnerabilities in pygments-2.19.2-py3-none-any.whl Vulnerability Details CVEID:CVE-2026-34483 DESCRIPTION: Improper Encoding or Escaping of Output vulnerability in the JsonAccessLogValve component of Apache Tomcat. This issue affects Apache...
openSUSE 16 Security Update : python-Pygments (openSUSE-SU-2026:20931-1)
The remote openSUSE 16 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2026:20931-1 advisory. This update for python-Pygments fixes the following issue: - CVE-2026-4539: Denial of Service via inefficient regular expression processing in AdlLexer...
Security update for python-Pygments (low)
openSUSE security update: security update for python-pygments ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20931-1 Rating: low References: bsc1260796 Cross-References: CVE-2026-4539 CVSS scores: CVE-2026-4539 SUSE : 3.3...
EulerOS 2.0 SP13 : python-pygments (EulerOS-SA-2026-2355)
According to the versions of the python-pygments packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A security flaw has been discovered in pygments up to 2.19.2. The impacted element is the function AdlLexer of the file...
EulerOS 2.0 SP13 : python-pygments (EulerOS-SA-2026-2312)
According to the versions of the python-pygments packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A security flaw has been discovered in pygments up to 2.19.2. The impacted element is the function AdlLexer of the file...
OPENSUSE-SU-2026:20931-1 Security update for python-Pygments
This update for python-Pygments fixes the following issue: - CVE-2026-4539: Denial of Service via inefficient regular expression processing in AdlLexer bsc1260796...
SUSE-SU-2026:22093-1 Security update for python-Pygments
This update for python-Pygments fixes the following issue: - CVE-2026-4539: Denial of Service via inefficient regular expression processing in AdlLexer bsc1260796...
SUSE-SU-2026:22058-1 Security update for python-Pygments
This update for python-Pygments fixes the following issue: - CVE-2026-4539: Denial of Service via inefficient regular expression processing in AdlLexer bsc1260796...
ROOT-APP-PYPI-CVE-2022-40896 CVE-2022-40896 in rootio-Pygments - Patched by Root
Root has patched CVE-2022-40896 in the rootio-Pygments package for Root:PyPI. Multiple fixed versions available...
Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses pygments-2.19.2-py3-none-any.whl which is vulnerable to CVE-2026-4539
Summary IBM Maximo Application Suite - Visual Inspection component uses pygments-2.19.2-py3-none-any.whl which is vulnerable to CVE-2026-4539 , This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-4539 DESCRIPTION: A security fla...
Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to an Uncontrolled Resource Consumption in pygments [CVE-2026-4539]
Summary IBM Watson Speech Services Cartridge is vulnerable to an Uncontrolled Resource Consumption in pygments, due to a flaw in function AdlLexer of the file pygments/lexers/archetype.py that results in inefficient regular expression complexity CVE-2026-4539. Pygments is used in our speech...
Astra Linux – Vulnerability in pygments
In pygments 1.1+ and fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular expressions. Some of these regular expressions have exponential or cubic worst-case complexity and are vulnerable to ReDoS attacks. By introducing malicious input, an attacker can cause a...
Astra Linux – Vulnerability in pygments
An infinite loop in the SMLLexer of Pygments versions 1.5 to 2.7.3 may lead to a denial of service when performing syntax highlighting of a Standard ML SML source file. This issue is observed when the input only contains the “exception” keyword...
Astra Linux - уязвимость в pygments
A ReDoS issue was discovered in the pygments/lexers/smithy.py file within pygments, as of version 2.15.0, due to the use of SmithyLexer...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-pygments (UTSA-2026-017493)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017493 advisory. In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular expressions. Some of the regular expressions have exponentia...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-pygments (UTSA-2026-017482)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017482 advisory. An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML SML source file, as...
Security Bulletin: IBM Maximo Application Suite - IoT Component uses multiple third party dependencies which is vulnerable to multiple CVEs.
Summary IBM Maximo Application Suite - IoT Component uses cryptography-46.0.5-cp311-abi3-manylinux234x8664.whl, cryptography-46.0.6-cp311-abi3-manylinux234x8664.whl, pyasn1-0.6.2-py3-none-any.whl, requests-2.32.5-py3-none-any.whl, bcprov-jdk18on-1.83.jar, pygments-2.19.2-py3-none-any.whl,...