AVG-1663 log
Package | python2-pygments |
Status | Unknown |
Severity | Low |
Type | denial of service |
Affected | 2.5.2-2 |
Fixed | Unknown |
Current | Removed |
Ticket | None |
Created | Sat Mar 6 09:37:13 2021 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2021-27291 | Low | Yes | Denial of service | In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular expressions. Some of the regular expressions have... |
CVE-2021-20270 | Low | Yes | Denial of service | A security issue was found in python-pygments version 1.5 up to 2.7.3. When the SMLLexer gets fed the string "exception", it loops indefinitely, leading to... |
References |
---|
https://pygments.org/docs/changelog/#version-2-6 |
Notes |
---|
python-pygments 2.5.2 was the last version to support Python 2.x, so this issue is not going to get fixed. |