Denial of Service Vulnerability in Pygments SMLLexer

Denial of Service Vulnerability in Pygments SMLLexer

CVE-2021-20270 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the "exception" keyword.

Learn more about our Web Application Penetration Testing UK.