AVG-1663 log
| Package | python2-pygments |
| Status | Unknown |
| Severity | Low |
| Type | denial of service |
| Affected | 2.5.2-2 |
| Fixed | Unknown |
| Current | Removed |
| Ticket | None |
| Created | Sat Mar 6 09:37:13 2021 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2021-27291 | Low | Yes | Denial of service | In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular expressions. Some of the regular expressions have... |
| CVE-2021-20270 | Low | Yes | Denial of service | A security issue was found in python-pygments version 1.5 up to 2.7.3. When the SMLLexer gets fed the string "exception", it loops indefinitely, leading to... |
| References |
|---|
https://pygments.org/docs/changelog/#version-2-6 |
| Notes |
|---|
python-pygments 2.5.2 was the last version to support Python 2.x, so this issue is not going to get fixed. |