Search CVE reports


Toggle filters

1 – 4 of 4 results


CVE-2022-40896

Medium priority

Some fixes available 1 of 6

A ReDoS issue was discovered in pygments/lexers/smithy.py in pygments through 2.15.0 via SmithyLexer.

1 affected package

pygments

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
pygments Not affected Fixed Ignored Ignored Not affected
Show less packages

CVE-2021-27291

Medium priority

Some fixes available 13 of 25

In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular expressions. Some of the regular expressions have exponential or cubic worst-case complexity and are vulnerable to ReDoS. By...

2 affected packages

eric, pygments

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
eric Vulnerable Vulnerable Needs evaluation Needs evaluation Needs evaluation
pygments Fixed Fixed Fixed Fixed Fixed
Show less packages

CVE-2021-20270

Medium priority
Fixed

An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the "exception" keyword.

1 affected package

pygments

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
pygments Fixed Fixed Fixed Fixed
Show less packages

CVE-2015-8557

Medium priority
Fixed

The FontManager._get_nix_font_path function in formatters/img.py in Pygments 1.2.2 through 2.0.2 allows remote attackers to execute arbitrary commands via shell metacharacters in a font name.

1 affected package

pygments

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
pygments
Show less packages