392 matches found
CVE-2026-27614 Bugsink is vulnerable to Stored XSS via Pygments fallback in stacktrace rendering
Bugsink is a self-hosted error tracking tool. In versions prior to 2.0.13, an unauthenticated attacker who can submit events to a Bugsink project can store arbitrary JavaScript in an event. The payload executes only if a user explicitly views the affected Stacktrace in the web UI. When Pygments...
Azure Linux 3.0 Security Update: m2crypto / python-pygments (CVE-2019-11358)
The version of m2crypto / python-pygments installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2019-11358 advisory. - jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles...
MiracleLinux 8 : resource-agents-4.1.1-98.el8 (AXSA:2021-2804:10)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2804:10 advisory. python-pygments: Infinite loop in SML lexer may lead to DoS CVE-2021-20270 python-pygments: ReDoS in multiple lexers CVE-2021-27291 Tenable has...
MiracleLinux 8 : python36:3.6 (AXSA:2021-2854:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2854:01 advisory. python-pygments: Infinite loop in SML lexer may lead to DoS CVE-2021-20270 python-pygments: ReDoS in multiple lexers CVE-2021-27291 Tenable has...
MiracleLinux 8 : python27:2.7 (AXSA:2021-2829:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2829:01 advisory. python: Unsafe use of eval on data retrieved via HTTP in the test suite CVE-2020-27619 python-jinja2: ReDoS vulnerability in the urlize filter...
Malicious code in pygments-richstyle (PyPI)
Source: kam193 (a965f61b1e51e6c96a8987633eaf2f23001320e4c6b884c33603230c66798e74). Packages silently decrypt content hidden in a dependency and load them as Python extension modules. In the first wave, those are copies of legitimate aiohttp a...
MAL-2025-191654 Malicious code in pygments-richstyle (PyPI)
Source: kam193 (a965f61b1e51e6c96a8987633eaf2f23001320e4c6b884c33603230c66798e74). Packages silently decrypt content hidden in a dependency and load them as Python extension modules. In the first wave, those are copies of legitimate aiohttp a...
EUVD-2016-0026
Malware in sbrugna...
EUVD-2021-0207
Malware in sbrugna...
EUVD-2021-0208
Malware in sbrugna...
A ReDoS issue was discovered in pygments/lexers/smithy.py in pygments through 2.15.0 via SmithyLexer.
...
Linux Distros Unpatched Vulnerability : CVE-2021-27291
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular expressions. Some of the regular expressions have...
TencentOS Server 4: python-pygments (TSSA-2025:0126)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0126 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
TencentOS Server 3: python-pygments (TSSA-2022:0180)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0180 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
After the owner removed the project from PyPI, another user uploaded a new version with non-working code
The pygments-style-solarized project was removed from PyPI by its owner on 2021-08-26. The GitHub repository was also updated to show unmaintained, and archived on 2025-08-31. Another user uploaded a new version, 100.10.7, which contains non-working code, with clear language that it intends to be a...
Azure Linux 3.0 Security Update: python-pygments (CVE-2021-20270)
The version of python-pygments installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-20270 advisory. - An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when...
Azure Linux 3.0 Security Update: python-pygments (CVE-2021-27291)
The version of python-pygments installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-27291 advisory. - In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on...
Ubuntu: Security Advisory (USN-7128-1)
The remote host is missing an update for the...
USN-7128-1 pygments vulnerability
Sebastian Chnelik discovered that Pygments had an inefficient regex query for analyzing certain inputs. An attacker could possibly use this issue to cause a denial of service...
USN-7128-1: Pygments vulnerability
Sebastian Chnelik discovered that Pygments had an inefficient regex query for analyzing certain inputs. An attacker could possibly use this issue to cause a denial of service...