An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the "exception" keyword.
The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.
Link | Tags |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=1922136 | issue tracking third party advisory patch |
https://www.debian.org/security/2021/dsa-4889 | third party advisory vendor advisory |
https://lists.debian.org/debian-lts-announce/2021/05/msg00003.html | third party advisory mailing list |
https://lists.debian.org/debian-lts-announce/2021/05/msg00006.html | third party advisory mailing list |
https://www.oracle.com/security-alerts/cpuoct2021.html | third party advisory not applicable |