VDB
GHSA-qc22-xmq4-qg46
GHSA-qc22-xmq4-qg46
PUBLISHED
CVSS 6.800000190734863 MEDIUM
c2cciutils affected by CVE-2022-40896
Risk Scores
CVSS 4.0
6.800000190734863
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| PyPI | Pygments | 0, 0 |
| PyPI | pygments | 2.6.0, 1.3, 1.4 |
| PyPI | Pygments | 0, 0, 0 |
| PyPI | c2cciutils | 1.1.6, 1.1.23, 1.1.17 |
Timeline
- Mar 2, 2026 Security Advisory
- Apr 1, 2026 CVE Published
References
- https://github.com/camptocamp/c2cciutils/security/advisories/GHSA-qc22-xmq4-qg46 url
- https://github.com/camptocamp/c2cciutils/commit/9d54eab73fcf24d492b339137040400da7ef4076 url
- https://github.com/advisories/GHSA-mrwq-x4v8-fh7p advisory
- https://github.com/camptocamp/c2cciutils package
- https://github.com/advisories/GHSA-qc22-xmq4-qg46 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2022-40896 vendor-advisory
- https://github.com/pygments/pygments/commit/97eb3d5ec7c1b3ea4fcf9dee30a2309cf92bd194 url
- https://github.com/pygments/pygments/commit/dd52102c38ebe78cd57748e09f38929fd283ad04 url
- https://github.com/pygments/pygments/commit/fdf182a7af85b1deeeb637ca970d31935e7c9d52 url
- https://github.com/pygments/pygments product
- https://github.com/pygments/pygments/blob/master/pygments/lexers/smithy.py#L61 url
- https://github.com/pypa/advisory-database/tree/main/vulns/pygments/PYSEC-2023-117.yaml url
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZGMXALE3HSP4OXC7UUWIKX3OXKZDTY3 url
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VUZO4BQCIY2S2KZYHERQMKURB7AHXDBO url
- https://pypi.org/project/Pygments url
- https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages-part-2 url