CVE-2021-20270

Loop with Unreachable Exit Condition (Infinite Loop) in pypi/Pygments

Identifier

CVE-2021-20270

Package Slug

pypi/Pygments

Vulnerability

Loop with Unreachable Exit Condition (Infinite Loop)

Description

An infinite loop in SMLLexer in Pygments to may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the "exception" keyword.

Affected Versions

All versions starting from 1.5 up to 2.7.3

Solution

Upgrade to version 2.7.4 or above.

Last Modified

2021-03-26

source