VDB

CVE-2021-20270

CVE-2021-20270 PUBLISHED

An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the "exception" keyword.

EPSS 0.22% · 45.0th percentile

Risk Scores

EPSS Score
0.22%
45.0th percentile

Affected Products

VendorProductVersions
Ubuntu:16.04:LTSpygments0, 2.0.1+dfsg-1.1svn1, 2.0.1+dfsg-1.1ubuntu1
Ubuntu:20.04:LTSpygments2.3.1+dfsg-1ubuntu1, 0, *
Ubuntu:Pro:14.04:LTSpygments*, 1.6+dfsg-1ubuntu1, 1.6+dfsg-1ubuntu1.1
Ubuntu:18.04:LTSpygments2.2.0+dfsg-1, 0

Timeline

  • Mar 9, 2021 CVE Published
  • Apr 14, 2021 EPSS Score
  • Jun 23, 2021 EPSS Score
  • Aug 24, 2021 EPSS Score
  • Dec 27, 2021 EPSS Score
  • Jan 6, 2022 EPSS Score
  • Feb 4, 2022 EPSS Score
  • Feb 28, 2022 EPSS Score
  • Apr 1, 2022 EPSS Score
  • Jul 3, 2022 EPSS Score
  • Sep 4, 2022 EPSS Score
  • Nov 6, 2022 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›