Vulnerability	Vulnerable Version
M Regular Expression Denial of Service (ReDoS) Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) due to the usage of insecure regular expressions in `SqlJinjaLexer` class. Exploiting this vulnerability is possible when processing `Smithy`, `SQL`/`SQL+Jinja`, or `Java` properties files from an untrusted source. How to fix Regular Expression Denial of Service (ReDoS)? Upgrade `Pygments` to version 2.15.0 or higher.	[,2.15.0)
H Denial of Service (DoS) Affected versions of this package are vulnerable to Denial of Service (DoS). An infinite loop exists in `SMLLexer` that may lead to denial of service. This occurs when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by an input that only contains the "exception" keyword. How to fix Denial of Service (DoS)? Upgrade `Pygments` to version 2.7.4 or higher.	[1.5,2.7.4)
H Regular Expression Denial of Service (ReDoS) Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS). The lexers used to parse programming languages rely heavily on regular expressions. Some of these have exponential or cubic worst-case complexity and can be abuse by crafting malicious input. How to fix Regular Expression Denial of Service (ReDoS)? Upgrade `Pygments` to version 2.7.4 or higher.	[1.1,2.7.4)
C Arbitrary Command Injection `pygments` is a syntax highlighting package written in Python. The `FontManager._get_nix_font_path` function in formatters/img.py in Pygments 1.2.2 through 2.0.2 allows remote attackers to execute arbitrary commands via shell metacharacters in a font name.	[1.2.2,2.0.2]

Go back to all versions of this package