vulnerability

Ubuntu: (Multiple Advisories) (CVE-2021-20270): Pygments vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:N/I:N/A:P)	2021-03-22	2021-03-23	2024-11-15

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:P)

Published

2021-03-22

Added

2021-03-23

Modified

2024-11-15

Description

An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the "exception" keyword.

Solution(s)

ubuntu-pro-upgrade-python-pygmentsubuntu-pro-upgrade-python3-pygments

References

CVE-2021-20270
https://attackerkb.com/topics/CVE-2021-20270
DEBIAN-DSA-4889
NVD-CVE-2021-20270
UBUNTU-USN-4885-1
UBUNTU-USN-4897-2

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today