392 matches found
Mageia: Security Advisory (MGASA-2024-0107)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2024-0107 Updated python-pygments packages fix security vulnerability
A ReDoS issue was discovered in pygments/lexers/smithy.py in pygments through 2.15.0 via SmithyLexer...
Updated python-pygments packages fix security vulnerability
A ReDoS issue was discovered in pygments/lexers/smithy.py in pygments through 2.15.0 via SmithyLexer...
[SECURITY] Fedora 38 Update: python-pygments-2.14.0-2.fc38
Pygments is a generic syntax highlighter suitable for use in code hosting, forums, wikis or other applications that need to prettify source code. Highlights are: a wide range of over 500 languages and other text formats is supported special attention is paid to details that increase highlighting...
Fedora: Security Advisory for python-pygments (FEDORA-2024-8eaf80107a)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 38 : python-pygments (2024-8eaf80107a)
The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-8eaf80107a advisory. Security fix for CVE-2022-40896 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...
RHEL 8 / 9 : Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update (Important) (RHSA-2024:1057)
The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1057 advisory. Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT...
Moderate: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.4 Container Release Security and Bug Fix Update
An update is now available for Red Hat Ansible Automation Platform 2.4 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
pygments: ReDoS in pygments
A denial-of-service vulnerability related to regular expressions was discovered in Pygments, specifically in the file pygments/lexers/smithy.py. An attacker could exploit this flaw by sending a carefully crafted request, leading to a denial-of-service situation...
Huawei EulerOS: Security Advisory for python-pygments (EulerOS-SA-2024-1162)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP5 : python-pygments (EulerOS-SA-2024-1162)
According to the versions of the python-pygments package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The FontManager.getnixfontpath function in formatters/img.py in Pygments 1.2.2 through 2.0.2 allows remote attackers to execute arbitrar...
[SECURITY] Fedora 38 Update: mingw-python-pygments-2.15.1-1.fc38
MinGW Windows Python Pygments library...
Fedora: Security Advisory for mingw-python-pygments (FEDORA-2024-db87ce2a47)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 38 : mingw-python-pygments (2024-db87ce2a47)
The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-db87ce2a47 advisory. Update to 2.15.1. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...
The vulnerability in the file pygments/lexers/smithy.py of the SmithyLexer component of the Pygments syntax highlighter allows a hacker to cause a service failure.
The vulnerability in the pygments/lexers/smithy.py file of the SmithyLexer component of the Pygments syntax highlighter is related to the use of a regular expression with inefficient computational complexity. Exploiting this vulnerability could allow an attacker to cause a service failure...
EulerOS 2.0 SP11 : python-pygments (EulerOS-SA-2023-3019)
According to the versions of the python-pygments packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A ReDoS issue was discovered in pygments/lexers/smithy.py in pygments through 2.15.0 via SmithyLexer. CVE-2022-40896 Note that Tenable...
EulerOS 2.0 SP11 : python-pygments (EulerOS-SA-2023-3042)
According to the versions of the python-pygments packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A ReDoS issue was discovered in pygments/lexers/smithy.py in pygments through 2.15.0 via SmithyLexer. CVE-2022-40896 Note that Tenable...
Security Bulletin: IBM Maximo Application Suite - IoT Component uses Pygments-2.14.0-py3-none-any.whl which is vulnerable to CVE-2022-40896
Summary IBM Maximo Application Suite - IoT Component uses Pygments-2.14.0-py3-none-any.whl which is vulnerable to CVE-2022-40896. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2022-40896 DESCRIPTION: Pygments is vulnerable to a...
Security Bulletin: IBM Cinder plug-in is affected by a vulnerability in the Python Pygments-2.14.0 package [CVE-2022-40896]
Summary The Python Pygments package, a syntax highlighting package, is used by IBM Cinder plug-in. Pygments-2.14.0 is vulnerable to Regular Expression Denial of Service ReDoS due to the usage of insecure regular expressions in SqlJinjaLexer class vulnerability CVE-2022-40896. Vulnerability Detail...
CVE-2022-40896
A denial-of-service vulnerability related to regular expressions was discovered in Pygments, specifically in the file pygments/lexers/smithy.py. An attacker could exploit this flaw by sending a carefully crafted request, leading to a denial-of-service situation. Mitigation Mitigation for this iss...