CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-8557

The FontManager._get_nix_font_path function in formatters/img.py in Pygments 1.2.2 through 2.0.2 allows remote attackers to execute arbitrary commands via shell metacharacters in a font name.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.091

EPSS Ranking 92.2%

CVSS Severity

CVSS v3 Score 9.0

CVSS v2 Score 9.3

References

Products affected by CVE-2015-8557

Pygments » Pygments » Version: 1.2.2

cpe:2.3:a:pygments:pygments:1.2.2
Pygments » Pygments » Version: 1.3

cpe:2.3:a:pygments:pygments:1.3
Pygments » Pygments » Version: 1.3.1

cpe:2.3:a:pygments:pygments:1.3.1
Pygments » Pygments » Version: 1.4

cpe:2.3:a:pygments:pygments:1.4
Pygments » Pygments » Version: 1.5

cpe:2.3:a:pygments:pygments:1.5
Pygments » Pygments » Version: 1.6

cpe:2.3:a:pygments:pygments:1.6
Pygments » Pygments » Version: 2.0

cpe:2.3:a:pygments:pygments:2.0
Pygments » Pygments » Version: 2.0.1

cpe:2.3:a:pygments:pygments:2.0.1
Canonical » Ubuntu Linux » Version: 12.04

cpe:2.3:o:canonical:ubuntu_linux:12.04
Canonical » Ubuntu Linux » Version: 14.04

cpe:2.3:o:canonical:ubuntu_linux:14.04
Canonical » Ubuntu Linux » Version: 15.04

cpe:2.3:o:canonical:ubuntu_linux:15.04
Canonical » Ubuntu Linux » Version: 15.10

cpe:2.3:o:canonical:ubuntu_linux:15.10

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-8557

Products

Pricing

Contact Us