{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35760?format=json","vulnerability_id":"VCID-cz6q-73vy-tbcf","summary":"An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the \"exception\" keyword.","aliases":[{"alias":"CVE-2021-20270"},{"alias":"GHSA-9w8r-397f-prfh"},{"alias":"PYSEC-2021-140"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/20373?format=json","purl":"pkg:pypi/pygments@2.7.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-rm69-vst8-xqbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.7.4"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/9079?format=json","purl":"pkg:pypi/pygments@1.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-aape-ns89-2uar"},{"vulnerability":"VCID-cz6q-73vy-tbcf"},{"vulnerability":"VCID-qa6e-abwc-47a4"},{"vulnerability":"VCID-rm69-vst8-xqbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@1.5"},{"url":"http://public2.vulnerablecode.io/api/packages/9080?format=json","purl":"pkg:pypi/pygments@1.6rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-aape-ns89-2uar"},{"vulnerability":"VCID-cz6q-73vy-tbcf"},{"vulnerability":"VCID-qa6e-abwc-47a4"},{"vulnerability":"VCID-rm69-vst8-xqbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@1.6rc1"},{"url":"http://public2.vulnerablecode.io/api/packages/9081?format=json","purl":"pkg:pypi/pygments@1.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-aape-ns89-2uar"},{"vulnerability":"VCID-cz6q-73vy-tbcf"},{"vulnerability":"VCID-qa6e-abwc-47a4"},{"vulnerability":"VCID-rm69-vst8-xqbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@1.6"},{"url":"http://public2.vulnerablecode.io/api/packages/9082?format=json","purl":"pkg:pypi/pygments@2.0rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-aape-ns89-2uar"},{"vulnerability":"VCID-cz6q-73vy-tbcf"},{"vulnerability":"VCID-qa6e-abwc-47a4"},{"vulnerability":"VCID-rm69-vst8-xqbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.0rc1"},{"url":"http://public2.vulnerablecode.io/api/packages/9083?format=json","purl":"pkg:pypi/pygments@2.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-aape-ns89-2uar"},{"vulnerability":"VCID-cz6q-73vy-tbcf"},{"vulnerability":"VCID-qa6e-abwc-47a4"},{"vulnerability":"VCID-rm69-vst8-xqbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.0"},{"url":"http://public2.vulnerablecode.io/api/packages/9084?format=json","purl":"pkg:pypi/pygments@2.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-aape-ns89-2uar"},{"vulnerability":"VCID-cz6q-73vy-tbcf"},{"vulnerability":"VCID-qa6e-abwc-47a4"},{"vulnerability":"VCID-rm69-vst8-xqbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/9085?format=json","purl":"pkg:pypi/pygments@2.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-aape-ns89-2uar"},{"vulnerability":"VCID-cz6q-73vy-tbcf"},{"vulnerability":"VCID-qa6e-abwc-47a4"},{"vulnerability":"VCID-rm69-vst8-xqbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/9086?format=json","purl":"pkg:pypi/pygments@2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cz6q-73vy-tbcf"},{"vulnerability":"VCID-qa6e-abwc-47a4"},{"vulnerability":"VCID-rm69-vst8-xqbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.1"},{"url":"http://public2.vulnerablecode.io/api/packages/20356?format=json","purl":"pkg:pypi/pygments@2.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cz6q-73vy-tbcf"},{"vulnerability":"VCID-qa6e-abwc-47a4"},{"vulnerability":"VCID-rm69-vst8-xqbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.1.1"},{"url":"http://public2.vulnerablecode.io/api/packages/20357?format=json","purl":"pkg:pypi/pygments@2.1.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cz6q-73vy-tbcf"},{"vulnerability":"VCID-qa6e-abwc-47a4"},{"vulnerability":"VCID-rm69-vst8-xqbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.1.2"},{"url":"http://public2.vulnerablecode.io/api/packages/20358?format=json","purl":"pkg:pypi/pygments@2.1.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cz6q-73vy-tbcf"},{"vulnerability":"VCID-qa6e-abwc-47a4"},{"vulnerability":"VCID-rm69-vst8-xqbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.1.3"},{"url":"http://public2.vulnerablecode.io/api/packages/20359?format=json","purl":"pkg:pypi/pygments@2.2.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cz6q-73vy-tbcf"},{"vulnerability":"VCID-qa6e-abwc-47a4"},{"vulnerability":"VCID-rm69-vst8-xqbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.2.0"},{"url":"http://public2.vulnerablecode.io/api/packages/20360?format=json","purl":"pkg:pypi/pygments@2.3.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cz6q-73vy-tbcf"},{"vulnerability":"VCID-qa6e-abwc-47a4"},{"vulnerability":"VCID-rm69-vst8-xqbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.3.0"},{"url":"http://public2.vulnerablecode.io/api/packages/20361?format=json","purl":"pkg:pypi/pygments@2.3.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cz6q-73vy-tbcf"},{"vulnerability":"VCID-qa6e-abwc-47a4"},{"vulnerability":"VCID-rm69-vst8-xqbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.3.1"},{"url":"http://public2.vulnerablecode.io/api/packages/20362?format=json","purl":"pkg:pypi/pygments@2.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cz6q-73vy-tbcf"},{"vulnerability":"VCID-qa6e-abwc-47a4"},{"vulnerability":"VCID-rm69-vst8-xqbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.4.0"},{"url":"http://public2.vulnerablecode.io/api/packages/20363?format=json","purl":"pkg:pypi/pygments@2.4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cz6q-73vy-tbcf"},{"vulnerability":"VCID-qa6e-abwc-47a4"},{"vulnerability":"VCID-rm69-vst8-xqbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.4.1"},{"url":"http://public2.vulnerablecode.io/api/packages/20364?format=json","purl":"pkg:pypi/pygments@2.4.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cz6q-73vy-tbcf"},{"vulnerability":"VCID-qa6e-abwc-47a4"},{"vulnerability":"VCID-rm69-vst8-xqbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.4.2"},{"url":"http://public2.vulnerablecode.io/api/packages/20365?format=json","purl":"pkg:pypi/pygments@2.5.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cz6q-73vy-tbcf"},{"vulnerability":"VCID-qa6e-abwc-47a4"},{"vulnerability":"VCID-rm69-vst8-xqbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.5.1"},{"url":"http://public2.vulnerablecode.io/api/packages/20366?format=json","purl":"pkg:pypi/pygments@2.5.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cz6q-73vy-tbcf"},{"vulnerability":"VCID-qa6e-abwc-47a4"},{"vulnerability":"VCID-rm69-vst8-xqbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.5.2"},{"url":"http://public2.vulnerablecode.io/api/packages/20367?format=json","purl":"pkg:pypi/pygments@2.6.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cz6q-73vy-tbcf"},{"vulnerability":"VCID-qa6e-abwc-47a4"},{"vulnerability":"VCID-rm69-vst8-xqbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.6.0"},{"url":"http://public2.vulnerablecode.io/api/packages/20368?format=json","purl":"pkg:pypi/pygments@2.6.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cz6q-73vy-tbcf"},{"vulnerability":"VCID-qa6e-abwc-47a4"},{"vulnerability":"VCID-rm69-vst8-xqbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.6.1"},{"url":"http://public2.vulnerablecode.io/api/packages/20369?format=json","purl":"pkg:pypi/pygments@2.7.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cz6q-73vy-tbcf"},{"vulnerability":"VCID-qa6e-abwc-47a4"},{"vulnerability":"VCID-rm69-vst8-xqbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.7.0"},{"url":"http://public2.vulnerablecode.io/api/packages/20370?format=json","purl":"pkg:pypi/pygments@2.7.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cz6q-73vy-tbcf"},{"vulnerability":"VCID-qa6e-abwc-47a4"},{"vulnerability":"VCID-rm69-vst8-xqbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.7.1"},{"url":"http://public2.vulnerablecode.io/api/packages/20371?format=json","purl":"pkg:pypi/pygments@2.7.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cz6q-73vy-tbcf"},{"vulnerability":"VCID-qa6e-abwc-47a4"},{"vulnerability":"VCID-rm69-vst8-xqbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.7.2"},{"url":"http://public2.vulnerablecode.io/api/packages/20372?format=json","purl":"pkg:pypi/pygments@2.7.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cz6q-73vy-tbcf"},{"vulnerability":"VCID-qa6e-abwc-47a4"},{"vulnerability":"VCID-rm69-vst8-xqbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/pygments@2.7.3"}],"references":[{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1922136","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1922136"},{"reference_url":"https://github.com/advisories/GHSA-9w8r-397f-prfh","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-9w8r-397f-prfh"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/05/msg00003.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2021/05/msg00003.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/05/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2021/05/msg00006.html"},{"reference_url":"https://www.debian.org/security/2021/dsa-4889","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2021/dsa-4889"}],"weaknesses":[],"exploits":[],"severity_range_score":null,"exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cz6q-73vy-tbcf"}