[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#47351: python-pygments@2.7.3 is vulnerable to at least CVE-2021-2027
From: |
Maxim Cournoyer |
Subject: |
bug#47351: python-pygments@2.7.3 is vulnerable to at least CVE-2021-20270 |
Date: |
Tue, 22 Mar 2022 22:31:58 -0400 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/27.2 (gnu/linux) |
Léo Le Bouter <lle-bout@zaclys.net> writes:
> CVE-2021-20270 23.03.21 18:15
> An infinite loop in SMLLexer in Pygments
> versions 1.5 to 2.7.3 may lead to denial of service when performing
> syntax highlighting of a Standard ML (SML) source file, as demonstrated
> by input that only contains the "exception" keyword.
>
> Upstream version 2.8.1 is not affected.
Which is now the current version packaged in Guix.
Thanks for the report!
Closing.
Maxim
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- bug#47351: python-pygments@2.7.3 is vulnerable to at least CVE-2021-20270,
Maxim Cournoyer <=