CVE-2022-40896

A ReDoS issue was discovered in pygments/lexers/smithy.py in pygments through 2.15.0 via SmithyLexer...

DEBIAN-CVE-2022-40896

A ReDoS issue was discovered in pygments/lexers/smithy.py in pygments through 2.15.0 via SmithyLexer...

AZL-35139 CVE-2022-40896 affecting package python-pygments for versions less than 2.4.2-1

A ReDoS issue was discovered in pygments/lexers/smithy.py in pygments through 2.15.0 via SmithyLexer...

a2grunnerp (>=0.1.0 <=0.1.8), abuseipdb-wrapper (=0.1.7) +403 more potentially affected by CVE-2022-40896 via pygments (>=1.6.0 <=2.15.0)

pygments PYPI version =1.6.0, =0.1.0, =2.0.0.1, =0.0.1, =1.3.0, =0.3.2, =0.4.0, =1.0.0, =0.4.0, =4.2.0, =4.2.3 and more Source cves: CVE-2022-40896 Source advisory: OSV:PYSEC-2023-117...

PYSEC-2023-117

A ReDoS issue was discovered in pygments/lexers/smithy.py in pygments through 2.15.0 via SmithyLexer...

CVE-2022-40896

A ReDoS issue was discovered in pygments/lexers/smithy.py in pygments through 2.15.0 via SmithyLexer...

Authentication flaw

A ReDoS issue was discovered in pygments/lexers/smithy.py in pygments through 2.15.0 via SmithyLexer...

UBUNTU-CVE-2022-40896

A ReDoS issue was discovered in pygments/lexers/smithy.py in pygments through 2.15.0 via SmithyLexer...

PYSEC-2023-117

A ReDoS issue was discovered in pygments/lexers/smithy.py in pygments through 2.15.0 via SmithyLexer...

CVE-2022-40896

A ReDoS issue was discovered in pygments/lexers/smithy.py in pygments through 2.15.0 via SmithyLexer...

Matthäus G. Chajdas pygments 代码问题漏洞

Matthäus G. Chajdas pygments is a Matthäus G. Chajdas open source application. It provides generic syntax highlighting tool functionality. A security vulnerability exists in pygments 2.15.0 and earlier versions, which stems from a regular expression denial of service ReDoS vulnerability in...

PT-2023-8449

Name of the Vulnerable Software and Affected Versions Pygments versions prior to 2.15.0 Description A ReDoS issue was discovered in pygments/lexers/smithy.py via SmithyLexer. The issue is related to the use of a regular expression with inefficient computational complexity. Exploitation of the iss...

Medium: python3-pygments

Issue Overview: In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular expressions. Some of the regular expressions have exponential or cubic worst-case complexity and are vulnerable to ReDoS. By crafting malicious input, an attacker can cause a...

CVE-2022-40896

A ReDoS issue was discovered in pygments/lexers/smithy.py in pygments through 2.15.0 via SmithyLexer...

CVE-2022-40896

CVE-2022-40896 : A ReDoS in Pygments’ SmithyLexer (pygments/lexers/smithy.py) affects pygments up to version 2.15.0. Exploitation could cause a denial of service via crafted Smithy inputs. Connected sources confirm the issue and attribution but do not specify a fixed patch/version. Remediation: u...

CVE-2022-40896

A ReDoS issue was discovered in pygments/lexers/smithy.py in pygments through 2.15.0 via SmithyLexer...

Debian: Security Advisory (DLA-369-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE CVE-2021-20270

An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML SML source file, as demonstrated by input that only contains the "exception" keyword...

SUSE CVE-2021-27291

In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular expressions. Some of the regular expressions have exponential or cubic worst-case complexity and are vulnerable to ReDoS. By crafting malicious input, an attacker can cause a denial of service...

CVE-2022-40896 affecting package python-pygments for versions less than 2.4.2-1

CVE-2022-40896 affecting package python-pygments for versions less than 2.4.2-1. A patched version of the package is available...