AVG-1663 log

Package python2-pygments
Status Vulnerable
Severity Low
Type denial of service
Affected 2.5.2-2
Fixed Unknown
Current 2.5.2-2 [community]
Ticket Create
Created Sat Mar 6 09:37:13 2021
Issue Severity Remote Type Description
CVE-2021-27291 Low Yes Denial of service
In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular expressions. Some of the regular expressions have...
CVE-2021-20270 Low Yes Denial of service
A security issue was found in python-pygments version 1.5 up to 2.7.3. When the SMLLexer gets fed the string "exception", it loops indefinitely, leading to...
References
https://pygments.org/docs/changelog/#version-2-6
Notes
python-pygments 2.5.2 was the last version to support Python 2.x, so this issue is not going to get fixed.