Pygments@2.4.0 vulnerabilities

Pygments is a syntax highlighting package written in Python.

Known vulnerabilities in the Pygments package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
M Regular Expression Denial of Service (ReDoS) Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) due to the usage of insecure regular expressions in `SqlJinjaLexer` class. Exploiting this vulnerability is possible when processing `Smithy`, `SQL`/`SQL+Jinja`, or `Java` properties files from an untrusted source. How to fix Regular Expression Denial of Service (ReDoS)? Upgrade `Pygments` to version 2.15.0 or higher.	[,2.15.0)
H Denial of Service (DoS) Affected versions of this package are vulnerable to Denial of Service (DoS). An infinite loop exists in `SMLLexer` that may lead to denial of service. This occurs when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by an input that only contains the "exception" keyword. How to fix Denial of Service (DoS)? Upgrade `Pygments` to version 2.7.4 or higher.	[1.5,2.7.4)
H Regular Expression Denial of Service (ReDoS) Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS). The lexers used to parse programming languages rely heavily on regular expressions. Some of these have exponential or cubic worst-case complexity and can be abuse by crafting malicious input. How to fix Regular Expression Denial of Service (ReDoS)? Upgrade `Pygments` to version 2.7.4 or higher.	[1.1,2.7.4)