Summary:
An update for python-pygments is now available for EulerOS V2.0SP12
EulerOS Security has rated this update as having a security impact of Low.A Common Vunlnerability Scoring System(CVSS)base score, which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.General:
Pygments is a generic syntax highlighter for general use in all kinds of software such as forum systems, wikis or other applications that need to prettify source code. Highlights are: * a wide range of common languages and markup formats is supported * special attention is paid to details that increase highlighting quality * support for new languages and formats are added easily; most languages use a simple regex-based lexing mechanism * a number of output formats is available, among them HTML, RTF, LaTeX and ANSI sequences * it is usable as a command-line tool and as a library * ... and it highlights even Brainf*ck!
Security Fix(es):
A security flaw has been discovered in pygments up to 2.19.2. The impacted element is the function AdlLexer of the file pygments/lexers/archetype.py. The manipulation results in inefficient regular expression complexity. The attack is only possible with local access. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.(CVE-2026-4539)Legal Disclaimer:
This document is provided on an "AS IS" basis and does not imply any kind of guarantee or warranty, either express or implied, including the warranties of merchantability or fitness for a particular purpose. In no event shall Huawei or any of its directly or indirectly controlled subsidiaries or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages. Your use of the document, by any means, is totally at your own...
2.10.0-1.h2.eulerosv2r122.10.0-1.h2.eulerosv2r12Exploitability
AV:LAC:LPR:LUI:NScope
S:UImpact
C:NI:NA:L3.3/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L