Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:pypi/pygments@2.15.0
purl pkg:pypi/pygments@2.15.0
Next non-vulnerable version 2.15.1
Latest non-vulnerable version 2.20.0
Risk 3.1
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-uk9e-3t7h-jkar
Aliases:
CVE-2022-40896
GHSA-mrwq-x4v8-fh7p
PYSEC-2023-117
A ReDoS issue was discovered in pygments/lexers/smithy.py in pygments through 2.15.0 via SmithyLexer.
2.15.1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-uk9e-3t7h-jkar A ReDoS issue was discovered in pygments/lexers/smithy.py in pygments through 2.15.0 via SmithyLexer. CVE-2022-40896
GHSA-mrwq-x4v8-fh7p
PYSEC-2023-117

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T22:34:20.191273+00:00 GitLab Importer Fixing VCID-uk9e-3t7h-jkar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Pygments/CVE-2022-40896.yml 38.4.0
2026-04-11T23:53:23.607368+00:00 GitLab Importer Fixing VCID-uk9e-3t7h-jkar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Pygments/CVE-2022-40896.yml 38.3.0
2026-04-02T23:56:29.053808+00:00 GitLab Importer Fixing VCID-uk9e-3t7h-jkar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Pygments/CVE-2022-40896.yml 38.1.0
2026-04-02T16:59:57.084736+00:00 GHSA Importer Fixing VCID-uk9e-3t7h-jkar https://github.com/advisories/GHSA-mrwq-x4v8-fh7p 38.1.0
2026-04-01T15:14:26.459037+00:00 PyPI Importer Affected by VCID-uk9e-3t7h-jkar https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 38.0.0
2026-04-01T12:59:05.523490+00:00 GithubOSV Importer Fixing VCID-uk9e-3t7h-jkar https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/07/GHSA-mrwq-x4v8-fh7p/GHSA-mrwq-x4v8-fh7p.json 38.0.0
2026-04-01T12:51:36.345389+00:00 GitLab Importer Fixing VCID-uk9e-3t7h-jkar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Pygments/CVE-2022-40896.yml 38.0.0
2026-04-01T12:48:29.912443+00:00 Pypa Importer Affected by VCID-uk9e-3t7h-jkar https://github.com/pypa/advisory-database/blob/main/vulns/pygments/PYSEC-2023-117.yaml 38.0.0