Lucene search
+L

22 matches found

ibm
ibm
added 2026/06/17 3:28 p.m.8 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerabilities in pygments-2.19.2-py3-none-any.whl

Summary IBM Watson Discovery Cartridge affected by vulnerabilities in pygments-2.19.2-py3-none-any.whl Vulnerability Details CVEID:CVE-2026-34483 DESCRIPTION: Improper Encoding or Escaping of Output vulnerability in the JsonAccessLogValve component of Apache Tomcat. This issue affects Apache...

7.5CVSS5.4AI score0.21691EPSS
Exploits6Affected Software1
ibm
ibm
added 2026/06/01 11:47 a.m.14 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses pygments-2.19.2-py3-none-any.whl which is vulnerable to CVE-2026-4539

Summary IBM Maximo Application Suite - Visual Inspection component uses pygments-2.19.2-py3-none-any.whl which is vulnerable to CVE-2026-4539 , This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-4539 DESCRIPTION: A security fla...

4.8CVSS5.4AI score0.00156EPSS
Exploits0Affected Software1
ibm
ibm
added 2026/05/21 2:46 p.m.11 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to an Uncontrolled Resource Consumption in pygments [CVE-2026-4539]

Summary IBM Watson Speech Services Cartridge is vulnerable to an Uncontrolled Resource Consumption in pygments, due to a flaw in function AdlLexer of the file pygments/lexers/archetype.py that results in inefficient regular expression complexity CVE-2026-4539. Pygments is used in our speech...

4.8CVSS5.3AI score0.00156EPSS
Exploits0Affected Software1
ibm
ibm
added 2026/05/06 4:4 a.m.7 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in pygments-2.19.2-py3-none-any.whl

Summary IBM Watson Discovery Cartridge affected by vulnerability in pygments-2.19.2-py3-none-any.whl Vulnerability Details CVEID:CVE-2026-4539 DESCRIPTION: A security flaw has been discovered in pygments up to 2.19.2. The impacted element is the function AdlLexer of the file...

4.8CVSS5.3AI score0.00156EPSS
Exploits0Affected Software1
vulnersosv
vulnersosv
added 2026/03/22 6:30 a.m.5 views

a-mailx (=0.1.0), a2grunnerp (>=0.1.0 <=0.1.8) +1635 more potentially affected by CVE-2026-4539 via pygments (>=1.6.0 <=2.1.3)

pygments PYPI version =1.6.0, =0.1.0, =0.1.0, =0.0.2, =2.0.0.1, =0.1.2, =0.0.1, =0.3.4, =0.4.0, =0.0.6, =0.1.0, =0.1.2 and more Source cves: CVE-2026-4539 Source advisory: OSV:GHSA-5239-WWWM-4PMQ...

4.8CVSS5.8AI score0.00156EPSS
Exploits0
nessus
nessus
added 2026/03/22 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-4539

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A security flaw has been discovered in pygments up to 2.19.2. The impacted element is the function AdlLexer of the file pygments/lexers/archetype.py. The...

4.8CVSS5.8AI score0.00156EPSS
Exploits0References4
euvd
euvd
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-0207

Malware in sbrugna...

7.5CVSS7.4AI score0.02707EPSS
Exploits0References21
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2016-0026

Malware in sbrugna...

9.3CVSS8.9AI score0.06664EPSS
Exploits0References18
nessus
nessus
added 2025/08/07 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2021-27291

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular expressions. Some of the regular expressions have...

7.5CVSS6.7AI score0.03832EPSS
Exploits1References2
nessus
nessus
added 2025/02/10 12:0 a.m.8 views

Azure Linux 3.0 Security Update: python-pygments (CVE-2021-20270)

The version of python-pygments installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-20270 advisory. - An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 May lead to denial of service when...

7.5CVSS7.5AI score0.02707EPSS
Exploits0References2
ubuntu
ubuntu
added 2024/11/26 1:43 p.m.244 views

USN-7128-1: Pygments vulnerability

Sebastian Chnelik discovered that Pygments had an inefficient regex query for analyzing certain inputs. An attacker could possibly use this issue to cause a denial of service...

5.5CVSS6.3AI score0.00503EPSS
Exploits1
nessus
nessus
added 2024/11/26 12:0 a.m.8 views

Ubuntu 22.04 LTS : Pygments vulnerability (USN-7128-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-7128-1 advisory. Sebastian Chnelik discovered that Pygments had an inefficient regex query for analyzing certain inputs. An attacker could possibly use this issue to cause a denia...

5.5CVSS6.3AI score0.00503EPSS
Exploits1References2
osv
osv
added 2021/03/30 4:33 p.m.6 views

USN-4897-1 pygments vulnerability

Ben Caller discovered that Pygments incorrectly handled parsing certain files. If a user or automated system were tricked into parsing a specially crafted file, a remote attacker could cause Pygments to hang or consume resources, resulting in a denial of service...

7.5CVSS6.9AI score0.03832EPSS
Exploits1References2
nessus
nessus
added 2021/03/30 12:0 a.m.40 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : Pygments vulnerability (USN-4897-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4897-1 advisory. Ben Caller discovered that Pygments incorrectly handled parsing certain files. If a user or automated system were tricked into parsing a...

7.5CVSS7.5AI score0.03832EPSS
Exploits1References2
cnvd
cnvd
added 2021/03/25 12:0 a.m.6 views

Pygments Denial of Service Attack Vulnerability

Pygments is a general-purpose syntax highlighting tool for code hosting, forums, wikis, or other applications that need to beautify their source code. A denial of service vulnerability exists in Pygments versions 1.5 through 2.7.3. The vulnerability arises due to an infinite loop in the SMLLexer ...

7.5CVSS6.8AI score0.02707EPSS
Exploits0References1
nessus
nessus
added 2021/03/23 12:0 a.m.47 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : Pygments vulnerability (USN-4885-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4885-1 advisory. It was discovered that Pygments incorrectly handled parsing SML files. If a user or automated system were tricked into parsing a specially...

7.5CVSS7.5AI score0.02707EPSS
Exploits0References2
veracode
veracode
added 2021/03/18 5:32 a.m.30 views

Regular Expression Denial Of Service (ReDoS)

pygments is vulnerable to regular expression denial of service. An attacker is able to crash the application by submitting a malicious string via Lexer for Values used in ADL and ODIN...

7.5CVSS3.7AI score0.03832EPSS
Exploits1References11Affected Software13
osv
osv
added 2021/03/17 1:15 p.m.5 views

AZL-35138 CVE-2021-27291 affecting package python-pygments for versions less than 2.7.4-1

In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular expressions. Some of the regular expressions have exponential or cubic worst-case complexity and are vulnerable to ReDoS. By crafting malicious input, an attacker can cause a denial of service...

7.5CVSS6.9AI score0.03832EPSS
Exploits1References1
ubuntucve
ubuntucve
added 2021/03/17 1:15 p.m.38 views

CVE-2021-27291

In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular expressions. Some of the regular expressions have exponential or cubic worst-case complexity and are vulnerable to ReDoS. By crafting malicious input, an attacker can cause a denial of service...

7.5CVSS6.9AI score0.03832EPSS
Exploits1References4
osv
osv
added 2019/04/20 12:29 a.m.7 views

AZL-40759 CVE-2019-11358 affecting package python-pygments for versions less than 2.7.4-1

jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extendtrue, , ... because of Object.prototype pollution. If an unsanitized source object contained an enumerable proto property, it could extend the native Object.prototype...

6.1CVSS6.7AI score0.87218EPSS
Exploits4References1
Rows per page
Query Builder