Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pygments pygments vulnerabilities and exploits
(subscribe to this query)
828
VMScore
CVE-2015-8557
The FontManager._get_nix_font_path function in formatters/img.py in Pygments 1.2.2 up to and including 2.0.2 allows remote malicious users to execute arbitrary commands via shell metacharacters in a font name.
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
Pygments Pygments 1.6
Pygments Pygments 2.0
Pygments Pygments 1.3.1
Pygments Pygments 2.0.1
Pygments Pygments 1.4
Pygments Pygments 1.3
Pygments Pygments 1.5
Pygments Pygments 1.2.2
790
VMScore
CVE-2017-0372
Parameters injection in the SyntaxHighlight extension of Mediawiki prior to 1.23.16, 1.27.3 and 1.28.2 might result in multiple vulnerabilities.
Mediawiki Mediawiki 1.27.0
Mediawiki Mediawiki 1.28.0
Mediawiki Mediawiki 1.28.1
Mediawiki Mediawiki 1.27.2
Mediawiki Mediawiki
Mediawiki Mediawiki 1.27.1
Debian Debian Linux 7.0
Debian Debian Linux 9.0
446
VMScore
CVE-2021-27291
In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular expressions. Some of the regular expressions have exponential or cubic worst-case complexity and are vulnerable to ReDoS. By crafting malicious input, an attacker can cause a ...
Pygments Pygments
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 32
Fedoraproject Fedora 33
445
VMScore
CVE-2021-20270
An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the "exception" keyword.
Pygments Pygments
Redhat Enterprise Linux 7.0
Redhat Openshift Container Platform 3.11
Redhat Enterprise Linux 8.0
Redhat Software Collections -
Redhat Openshift Container Platform 4.0
Redhat Openstack Platform 10.0
Fedoraproject Fedora 33
Debian Debian Linux 9.0
Debian Debian Linux 10.0
1 Github repository
NA
CVE-2022-40896
A ReDoS issue exists in pygments/lexers/smithy.py in pygments up to and including 2.15.0 via SmithyLexer.
Pygments Pygments
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2018-25103
CVE-2024-36279
CVE-2024-38457
elevation of privilege
CVE-2024-27801
CVE-2024-30103
NULL pointer dereference
CVE-2024-6057
XML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started