Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/pygments@2.20.0
Typepypi
Namespace
Namepygments
Version2.20.0
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-3kfv-bmqf-aqhv
vulnerability_id VCID-3kfv-bmqf-aqhv
summary 
Pygments has Regular Expression Denial of Service (ReDoS) due to Inefficient Regex for GUID Matching
A security flaw has been discovered in pygments before 2.20.0. The impacted element is the function AdlLexer of the file pygments/lexers/archetype.py. The manipulation results in inefficient regular expression complexity. The attack is only possible with local access. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4539.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4539.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4539
reference_id
reference_type
scores
0
value 0.00014
scoring_system epss
scoring_elements 0.02702
published_at 2026-04-18T12:55:00Z
1
value 0.00014
scoring_system epss
scoring_elements 0.02692
published_at 2026-04-16T12:55:00Z
2
value 0.00014
scoring_system epss
scoring_elements 0.02731
published_at 2026-04-04T12:55:00Z
3
value 0.00014
scoring_system epss
scoring_elements 0.02738
published_at 2026-04-07T12:55:00Z
4
value 0.00014
scoring_system epss
scoring_elements 0.02741
published_at 2026-04-08T12:55:00Z
5
value 0.00014
scoring_system epss
scoring_elements 0.02761
published_at 2026-04-09T12:55:00Z
6
value 0.00014
scoring_system epss
scoring_elements 0.02715
published_at 2026-04-02T12:55:00Z
7
value 0.00014
scoring_system epss
scoring_elements 0.02732
published_at 2026-04-11T12:55:00Z
8
value 0.00014
scoring_system epss
scoring_elements 0.02712
published_at 2026-04-13T12:55:00Z
9
value 0.00014
scoring_system epss
scoring_elements 0.02716
published_at 2026-04-12T12:55:00Z
10
value 6e-05
scoring_system epss
scoring_elements 0.00441
published_at 2026-04-21T12:55:00Z
11
value 7e-05
scoring_system epss
scoring_elements 0.00644
published_at 2026-04-24T12:55:00Z
12
value 7e-05
scoring_system epss
scoring_elements 0.00647
published_at 2026-04-26T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4539
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4539
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4539
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/pygments/pygments
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value 1.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/pygments/pygments
5
reference_url https://github.com/pygments/pygments/commit/24b8aa76c6cd6d70f39c6dd605cce319c98e2ccc
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value 1.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/pygments/pygments/commit/24b8aa76c6cd6d70f39c6dd605cce319c98e2ccc
6
reference_url https://github.com/pygments/pygments/issues/3058
reference_id
reference_type
scores
0
value 1.7
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:ND/RC:UR
1
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R
2
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R
4
value 1.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P
5
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P
6
value LOW
scoring_system generic_textual
scoring_elements
7
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-23T16:08:35Z/
url https://github.com/pygments/pygments/issues/3058
7
reference_url https://github.com/pygments/pygments/pull/3064
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value 1.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/pygments/pygments/pull/3064
8
reference_url https://github.com/pygments/pygments/releases/tag/2.20.0
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value 1.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/pygments/pygments/releases/tag/2.20.0
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-4539
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value 1.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-4539
10
reference_url https://vuldb.com/?ctiid.352327
reference_id
reference_type
scores
0
value 1.7
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:ND/RC:UR
1
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R
2
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R
4
value 1.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P
5
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P
6
value LOW
scoring_system generic_textual
scoring_elements
7
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-23T16:08:35Z/
url https://vuldb.com/?ctiid.352327
11
reference_url https://vuldb.com/?id.352327
reference_id
reference_type
scores
0
value 1.7
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:ND/RC:UR
1
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R
2
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R
3
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
4
value 1.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P
5
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P
6
value LOW
scoring_system generic_textual
scoring_elements
7
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-23T16:08:35Z/
url https://vuldb.com/?id.352327
12
reference_url https://vuldb.com/?submit.774685
reference_id
reference_type
scores
0
value 1.7
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:ND/RC:UR
1
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R
2
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R
4
value 1.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P
5
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P
6
value LOW
scoring_system generic_textual
scoring_elements
7
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-23T16:08:35Z/
url https://vuldb.com/?submit.774685
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132233
reference_id 1132233
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132233
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450066
reference_id 2450066
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450066
15
reference_url https://github.com/advisories/GHSA-5239-wwwm-4pmq
reference_id GHSA-5239-wwwm-4pmq
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5239-wwwm-4pmq
16
reference_url https://github.com/pygments/pygments/
reference_id pygments
reference_type
scores
0
value 1.7
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:ND/RC:UR
1
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R
2
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R
3
value 4.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-23T16:08:35Z/
url https://github.com/pygments/pygments/
fixed_packages
0
url pkg:pypi/pygments@2.20.0
purl pkg:pypi/pygments@2.20.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.20.0
aliases CVE-2026-4539, GHSA-5239-wwwm-4pmq
risk_score 2.1
exploitability 0.5
weighted_severity 4.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3kfv-bmqf-aqhv
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.20.0