Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-uk9e-3t7h-jkar

Summary A ReDoS issue was discovered in pygments/lexers/smithy.py in pygments through 2.15.0 via SmithyLexer.

Aliases

alias	CVE-2022-40896

alias	GHSA-mrwq-x4v8-fh7p

alias	PYSEC-2023-117

Fixed_packages

url	pkg:deb/debian/pygments@2.15.1%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/pygments@2.15.1%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/pygments@2.15.1%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/pygments@2.18.0%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/pygments@2.18.0%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/pygments@2.18.0%252Bdfsg-2%3Fdistro=trixie

url	pkg:deb/debian/pygments@2.18.0%2Bdfsg-2
purl	pkg:deb/debian/pygments@2.18.0%2Bdfsg-2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/pygments@2.18.0%252Bdfsg-2

url	pkg:deb/debian/pygments@2.19.2%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/pygments@2.19.2%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/pygments@2.19.2%252Bdfsg-1%3Fdistro=trixie

url pkg:pypi/pygments@2.15.0

purl pkg:pypi/pygments@2.15.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.15.0

url	pkg:pypi/pygments@2.15.1
purl	pkg:pypi/pygments@2.15.1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.15.1

Affected_packages

url pkg:deb/debian/pygments@2.7.1%2Bdfsg-2.1?distro=trixie

purl pkg:deb/debian/pygments@2.7.1%2Bdfsg-2.1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pygments@2.7.1%252Bdfsg-2.1%3Fdistro=trixie

url pkg:deb/debian/pygments@2.7.1%2Bdfsg-2.1

purl pkg:deb/debian/pygments@2.7.1%2Bdfsg-2.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pygments@2.7.1%252Bdfsg-2.1

url pkg:deb/debian/pygments@2.14.0%2Bdfsg-1

purl pkg:deb/debian/pygments@2.14.0%2Bdfsg-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pygments@2.14.0%252Bdfsg-1

url pkg:deb/debian/pygments@2.14.0%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/pygments@2.14.0%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pygments@2.14.0%252Bdfsg-1%3Fdistro=trixie

url pkg:pypi/pygments@0.5

purl pkg:pypi/pygments@0.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@0.5

url pkg:pypi/pygments@0.5.1

purl pkg:pypi/pygments@0.5.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@0.5.1

url pkg:pypi/pygments@0.6

purl pkg:pypi/pygments@0.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@0.6

url pkg:pypi/pygments@0.7

purl pkg:pypi/pygments@0.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@0.7

url pkg:pypi/pygments@0.7.1

purl pkg:pypi/pygments@0.7.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@0.7.1

url pkg:pypi/pygments@0.8

purl pkg:pypi/pygments@0.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@0.8

url pkg:pypi/pygments@0.8.1

purl pkg:pypi/pygments@0.8.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@0.8.1

url pkg:pypi/pygments@0.9

purl pkg:pypi/pygments@0.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@0.9

url pkg:pypi/pygments@0.10

purl pkg:pypi/pygments@0.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@0.10

url pkg:pypi/pygments@0.11

purl pkg:pypi/pygments@0.11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@0.11

url pkg:pypi/pygments@0.11.1

purl pkg:pypi/pygments@0.11.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@0.11.1

url pkg:pypi/pygments@1.0

purl pkg:pypi/pygments@1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@1.0

url pkg:pypi/pygments@1.1

purl pkg:pypi/pygments@1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-brg4-rv29-1fgz

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@1.1

url pkg:pypi/pygments@1.1.1

purl pkg:pypi/pygments@1.1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-brg4-rv29-1fgz

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@1.1.1

url pkg:pypi/pygments@1.2

purl pkg:pypi/pygments@1.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-brg4-rv29-1fgz

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@1.2

url pkg:pypi/pygments@1.2.1

purl pkg:pypi/pygments@1.2.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-brg4-rv29-1fgz

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@1.2.1

url pkg:pypi/pygments@1.2.2

purl pkg:pypi/pygments@1.2.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-brg4-rv29-1fgz

vulnerability	VCID-uk9e-3t7h-jkar

vulnerability	VCID-yesa-ghcy-mufw

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@1.2.2

url pkg:pypi/pygments@1.3

purl pkg:pypi/pygments@1.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-brg4-rv29-1fgz

vulnerability	VCID-uk9e-3t7h-jkar

vulnerability	VCID-yesa-ghcy-mufw

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@1.3

url pkg:pypi/pygments@1.3.1

purl pkg:pypi/pygments@1.3.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-brg4-rv29-1fgz

vulnerability	VCID-uk9e-3t7h-jkar

vulnerability	VCID-yesa-ghcy-mufw

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@1.3.1

url pkg:pypi/pygments@1.4

purl pkg:pypi/pygments@1.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-brg4-rv29-1fgz

vulnerability	VCID-uk9e-3t7h-jkar

vulnerability	VCID-yesa-ghcy-mufw

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@1.4

url pkg:pypi/pygments@1.5

purl pkg:pypi/pygments@1.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1na8-nyq1-yfcy

vulnerability	VCID-brg4-rv29-1fgz

vulnerability	VCID-uk9e-3t7h-jkar

vulnerability	VCID-yesa-ghcy-mufw

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@1.5

url pkg:pypi/pygments@1.6rc1

purl pkg:pypi/pygments@1.6rc1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1na8-nyq1-yfcy

vulnerability	VCID-brg4-rv29-1fgz

vulnerability	VCID-uk9e-3t7h-jkar

vulnerability	VCID-yesa-ghcy-mufw

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@1.6rc1

url pkg:pypi/pygments@1.6

purl pkg:pypi/pygments@1.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1na8-nyq1-yfcy

vulnerability	VCID-brg4-rv29-1fgz

vulnerability	VCID-uk9e-3t7h-jkar

vulnerability	VCID-yesa-ghcy-mufw

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@1.6

url pkg:pypi/pygments@2.0rc1

purl pkg:pypi/pygments@2.0rc1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1na8-nyq1-yfcy

vulnerability	VCID-brg4-rv29-1fgz

vulnerability	VCID-uk9e-3t7h-jkar

vulnerability	VCID-yesa-ghcy-mufw

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.0rc1

url pkg:pypi/pygments@2.0

purl pkg:pypi/pygments@2.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1na8-nyq1-yfcy

vulnerability	VCID-brg4-rv29-1fgz

vulnerability	VCID-uk9e-3t7h-jkar

vulnerability	VCID-yesa-ghcy-mufw

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.0

url pkg:pypi/pygments@2.0.1

purl pkg:pypi/pygments@2.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1na8-nyq1-yfcy

vulnerability	VCID-brg4-rv29-1fgz

vulnerability	VCID-uk9e-3t7h-jkar

vulnerability	VCID-yesa-ghcy-mufw

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.0.1

url pkg:pypi/pygments@2.0.2

purl pkg:pypi/pygments@2.0.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1na8-nyq1-yfcy

vulnerability	VCID-brg4-rv29-1fgz

vulnerability	VCID-uk9e-3t7h-jkar

vulnerability	VCID-yesa-ghcy-mufw

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.0.2

url pkg:pypi/pygments@2.1

purl pkg:pypi/pygments@2.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1na8-nyq1-yfcy

vulnerability	VCID-brg4-rv29-1fgz

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.1

url pkg:pypi/pygments@2.1.1

purl pkg:pypi/pygments@2.1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1na8-nyq1-yfcy

vulnerability	VCID-brg4-rv29-1fgz

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.1.1

url pkg:pypi/pygments@2.1.2

purl pkg:pypi/pygments@2.1.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1na8-nyq1-yfcy

vulnerability	VCID-brg4-rv29-1fgz

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.1.2

url pkg:pypi/pygments@2.1.3

purl pkg:pypi/pygments@2.1.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1na8-nyq1-yfcy

vulnerability	VCID-brg4-rv29-1fgz

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.1.3

url pkg:pypi/pygments@2.2.0

purl pkg:pypi/pygments@2.2.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1na8-nyq1-yfcy

vulnerability	VCID-brg4-rv29-1fgz

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.2.0

url pkg:pypi/pygments@2.3.0

purl pkg:pypi/pygments@2.3.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1na8-nyq1-yfcy

vulnerability	VCID-brg4-rv29-1fgz

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.3.0

url pkg:pypi/pygments@2.3.1

purl pkg:pypi/pygments@2.3.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1na8-nyq1-yfcy

vulnerability	VCID-brg4-rv29-1fgz

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.3.1

url pkg:pypi/pygments@2.4.0

purl pkg:pypi/pygments@2.4.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1na8-nyq1-yfcy

vulnerability	VCID-brg4-rv29-1fgz

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.4.0

url pkg:pypi/pygments@2.4.1

purl pkg:pypi/pygments@2.4.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1na8-nyq1-yfcy

vulnerability	VCID-brg4-rv29-1fgz

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.4.1

url pkg:pypi/pygments@2.4.2

purl pkg:pypi/pygments@2.4.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1na8-nyq1-yfcy

vulnerability	VCID-brg4-rv29-1fgz

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.4.2

url pkg:pypi/pygments@2.5.1

purl pkg:pypi/pygments@2.5.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1na8-nyq1-yfcy

vulnerability	VCID-brg4-rv29-1fgz

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.5.1

url pkg:pypi/pygments@2.5.2

purl pkg:pypi/pygments@2.5.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1na8-nyq1-yfcy

vulnerability	VCID-brg4-rv29-1fgz

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.5.2

url pkg:pypi/pygments@2.6.0

purl pkg:pypi/pygments@2.6.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1na8-nyq1-yfcy

vulnerability	VCID-brg4-rv29-1fgz

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.6.0

url pkg:pypi/pygments@2.6.1

purl pkg:pypi/pygments@2.6.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1na8-nyq1-yfcy

vulnerability	VCID-brg4-rv29-1fgz

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.6.1

url pkg:pypi/pygments@2.7.0

purl pkg:pypi/pygments@2.7.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1na8-nyq1-yfcy

vulnerability	VCID-brg4-rv29-1fgz

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.7.0

url pkg:pypi/pygments@2.7.1

purl pkg:pypi/pygments@2.7.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1na8-nyq1-yfcy

vulnerability	VCID-brg4-rv29-1fgz

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.7.1

url pkg:pypi/pygments@2.7.2

purl pkg:pypi/pygments@2.7.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1na8-nyq1-yfcy

vulnerability	VCID-brg4-rv29-1fgz

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.7.2

url pkg:pypi/pygments@2.7.3

purl pkg:pypi/pygments@2.7.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1na8-nyq1-yfcy

vulnerability	VCID-brg4-rv29-1fgz

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.7.3

url pkg:pypi/pygments@2.7.4

purl pkg:pypi/pygments@2.7.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.7.4

url pkg:pypi/pygments@2.8.0

purl pkg:pypi/pygments@2.8.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.8.0

url pkg:pypi/pygments@2.8.1

purl pkg:pypi/pygments@2.8.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.8.1

url pkg:pypi/pygments@2.9.0

purl pkg:pypi/pygments@2.9.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.9.0

url pkg:pypi/pygments@2.10.0

purl pkg:pypi/pygments@2.10.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.10.0

url pkg:pypi/pygments@2.11.0

purl pkg:pypi/pygments@2.11.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.11.0

url pkg:pypi/pygments@2.11.1

purl pkg:pypi/pygments@2.11.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.11.1

url pkg:pypi/pygments@2.11.2

purl pkg:pypi/pygments@2.11.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.11.2

url pkg:pypi/pygments@2.12.0

purl pkg:pypi/pygments@2.12.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.12.0

url pkg:pypi/pygments@2.13.0

purl pkg:pypi/pygments@2.13.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.13.0

url pkg:pypi/pygments@2.14.0

purl pkg:pypi/pygments@2.14.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.14.0

url pkg:pypi/pygments@2.15.0

purl pkg:pypi/pygments@2.15.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.15.0

url pkg:rpm/redhat/python3x-pygments@2.17.2-1?arch=el8ap

purl pkg:rpm/redhat/python3x-pygments@2.17.2-1?arch=el8ap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python3x-pygments@2.17.2-1%3Farch=el8ap

url pkg:rpm/redhat/python-pygments@2.17.0-1?arch=el8pc

purl pkg:rpm/redhat/python-pygments@2.17.0-1?arch=el8pc

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python-pygments@2.17.0-1%3Farch=el8pc

url pkg:rpm/redhat/python-pygments@2.17.2-1?arch=el9ap

purl pkg:rpm/redhat/python-pygments@2.17.2-1?arch=el9ap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-uk9e-3t7h-jkar

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python-pygments@2.17.2-1%3Farch=el9ap

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40896.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40896.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-40896

reference_id

reference_type

scores

value	0.00064
scoring_system	epss
scoring_elements	0.19992
published_at	2026-04-18T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.19988
published_at	2026-04-16T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.19952
published_at	2026-04-07T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.20007
published_at	2026-04-13T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.20065
published_at	2026-04-12T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.20109
published_at	2026-04-11T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.20091
published_at	2026-04-09T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.20032
published_at	2026-04-08T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.20227
published_at	2026-04-04T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.20168
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-40896

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40896
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40896

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/pygments/pygments

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/pygments/pygments

reference_url

https://github.com/pygments/pygments/blob/master/pygments/lexers/smithy.py#L61

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T14:28:52Z/

url

https://github.com/pygments/pygments/blob/master/pygments/lexers/smithy.py#L61

reference_url

https://github.com/pygments/pygments/commit/97eb3d5ec7c1b3ea4fcf9dee30a2309cf92bd194

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/pygments/pygments/commit/97eb3d5ec7c1b3ea4fcf9dee30a2309cf92bd194

reference_url

https://github.com/pygments/pygments/commit/dd52102c38ebe78cd57748e09f38929fd283ad04

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/pygments/pygments/commit/dd52102c38ebe78cd57748e09f38929fd283ad04

reference_url

https://github.com/pygments/pygments/commit/fdf182a7af85b1deeeb637ca970d31935e7c9d52

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/pygments/pygments/commit/fdf182a7af85b1deeeb637ca970d31935e7c9d52

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/pygments/PYSEC-2023-117.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/pygments/PYSEC-2023-117.yaml

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZGMXALE3HSP4OXC7UUWIKX3OXKZDTY3

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZGMXALE3HSP4OXC7UUWIKX3OXKZDTY3

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VUZO4BQCIY2S2KZYHERQMKURB7AHXDBO

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VUZO4BQCIY2S2KZYHERQMKURB7AHXDBO

reference_url

https://pypi.org/project/Pygments

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://pypi.org/project/Pygments

reference_url

https://pypi.org/project/Pygments/

reference_id

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T14:28:52Z/

url

https://pypi.org/project/Pygments/

reference_url

https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages-part-2

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages-part-2

reference_url

https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages-part-2/

reference_id

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T14:28:52Z/

url

https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages-part-2/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2251643
reference_id	2251643
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2251643

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-40896

reference_id

CVE-2022-40896

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-40896

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZGMXALE3HSP4OXC7UUWIKX3OXKZDTY3/

reference_id

EZGMXALE3HSP4OXC7UUWIKX3OXKZDTY3

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T14:28:52Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZGMXALE3HSP4OXC7UUWIKX3OXKZDTY3/

reference_url

https://github.com/advisories/GHSA-mrwq-x4v8-fh7p

reference_id

GHSA-mrwq-x4v8-fh7p

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-mrwq-x4v8-fh7p

reference_url	https://access.redhat.com/errata/RHSA-2024:1057
reference_id	RHSA-2024:1057
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1057

reference_url	https://access.redhat.com/errata/RHSA-2024:1072
reference_id	RHSA-2024:1072
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1072

reference_url	https://usn.ubuntu.com/7128-1/
reference_id	USN-7128-1
reference_type
scores
url	https://usn.ubuntu.com/7128-1/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VUZO4BQCIY2S2KZYHERQMKURB7AHXDBO/

reference_id

VUZO4BQCIY2S2KZYHERQMKURB7AHXDBO

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T14:28:52Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VUZO4BQCIY2S2KZYHERQMKURB7AHXDBO/

Weaknesses

cwe_id	434
name	Unrestricted Upload of File with Dangerous Type
description	The product allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

Exploits

Severity_range_score 4.0 - 6.9

Exploitability 0.5

Weighted_severity 6.2

Risk_score 3.1

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uk9e-3t7h-jkar

Vulnerability Instance