pylint@2.6.2 vulnerabilities

python code static checker

Direct Vulnerabilities

Known vulnerabilities in the pylint package. This does not include vulnerabilities belonging to this package’s dependencies.

Severity: M

Regular Expression Denial of Service (ReDoS)

pylint is a Python static code analysis tool that looks for programming errors, helps enforce a coding standard, sniffs for code smells and offers simple refactoring suggestions.

Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) via the SPECIAL and PRIVATE attributes in pylint/pylint/pyreverse/utils.py. The ReDoS is mainly due to the pattern [^\W_]+\w*, in which two adjacent quantifiers range over overlapping character classes ([^\W_] is a subset of \w), so a match that ultimately fails is retried across every possible split between the two quantifiers; it can be exploited with an input string such as "__"+"1"*5000 + "!".

How to fix Regular Expression Denial of Service (ReDoS)?

Upgrade pylint to version 2.7.0 or higher.

Vulnerable versions: [,2.7.0)
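Added illustration, not code from the advisory or from pylint itself: the pattern shape described above next to an equivalent rewrite with a single quantifier, plus a check that both accept the same strings. The ^__ ... __$ anchors and the hardened pattern are assumptions of this example, not pylint's actual 2.7.0 patch.

```python
import re
import time

# Pattern shape described in the advisory: two adjacent quantifiers over
# overlapping classes ([^\W_] is a subset of \w). The ^__ ... __$ anchors
# are an assumption about the SPECIAL attribute, not copied from pylint.
VULNERABLE = re.compile(r"^__([^\W_]+\w*)__$")

# Hardened rewrite (an assumption, not pylint's 2.7.0 patch). [^\W_]+\w*
# and [^\W_]\w* accept exactly the same strings, since every character in
# [^\W_] is also in \w, but with one quantifier a failed match cannot be
# retried across thousands of split points.
HARDENED = re.compile(r"^__([^\W_]\w*)__$")

# Constructed inputs; both patterns must agree on every one of them.
SAMPLES = ["__init__", "__a1_b__", "__1__", "___x__", "__!__",
           "__x", "x__y__", "____", "__ab"]


def redos_input(n: int) -> str:
    """Constructed trigger of the shape quoted in the advisory."""
    return "__" + "1" * n + "!"


def patterns_agree(samples=SAMPLES) -> bool:
    """True if the hardened pattern accepts exactly what the original does."""
    return all(bool(VULNERABLE.match(s)) == bool(HARDENED.match(s))
               for s in samples)


def match_seconds(pattern: re.Pattern, text: str) -> float:
    """Wall-clock cost of one match attempt (succeeding or failing)."""
    start = time.perf_counter()
    pattern.match(text)
    return time.perf_counter() - start


if __name__ == "__main__":
    assert patterns_agree()
    # Original grows roughly quadratically with n; the rewrite stays flat.
    for n in (1000, 2000, 4000):
        text = redos_input(n)
        print(n, f"original {match_seconds(VULNERABLE, text):.3f}s",
              f"hardened {match_seconds(HARDENED, text):.6f}s")
```

Run it as a regression check after rewriting a pattern: agreement on the sample set guards the semantics, and the timing loop shows whether the backtracking blow-up is gone.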