12 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-11499
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free vulnerability exists in handleerror in sasscontext.cpp in LibSass 3.4.x and 3.5.x through 3.5.4 that could be leveraged to cause a denial of...
Security Bulletin: IBM Watson Machine Learning Accelerator on Cloud Pak for Data is vunerable to libsass and node-sass vulnerabilities
Summary IBM Watson Machine Learning Accelerator on Cloud Pak for Data is vunerable to the dependencies in the opensource library libsass-3.5.5 and opennms-opennms-source-25.1.1-1 . These are fixed. Vulnerability Details CVEID:CVE-2018-11696 DESCRIPTION: LibSaas is vulnerable to a denial of servic...
Ubuntu: Security Advisory (USN-4837-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2020-0049)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Open Source Security issues for NPS console.
Summary Fixed Open Source issues for listed CVEs for NPS console. Vulnerability Details CVEID: CVE-2018-19838 DESCRIPTION: LibSass is vulnerable to a denial of service, caused by a stack-based buffer overflow in the IMPLEMENTASTOPERATORS expansion in ast.cpp. By persuading a victim to open a...
Security Bulletin: OSS security Scan issues for Concerto installer.
Summary Fixed in IBM Netezza for Cloud Pak for Data 11.1.1.0 Vulnerability Details CVEID: CVE-2018-19838 DESCRIPTION: LibSass is vulnerable to a denial of service, caused by a stack-based buffer overflow in the IMPLEMENTASTOPERATORS expansion in ast.cpp. By persuading a victim to open a...
Updated libsass packages fix security vulnerabilities
Use-after-free vulnerability in sasscontext.cpp:handleerror CVE-2018-11499. Null pointer dereference in Sass::SelectorList::populateextends CVE-2018-19797. Use-after-free vulnerability exists in the SharedPtr class CVE-2018-19827. Stack overflow in Eval::operator CVE-2018-19837. Stack-overflow at...
openSUSE: Security Advisory for libsass (openSUSE-SU-2019:1791-1)
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE Security Update : libsass (openSUSE-2019-1791)
This update for libsass to version 3.6.1 fixes the following issues : Security issues fixed : - CVE-2019-6283: Fixed heap-buffer-overflow in Sass::Prelexer::parenthesescopechar const boo1121943. - CVE-2019-6284: Fixed heap-based buffer over-read exists in Sass:Prelexer:alternatives boo1121944. -...
Security update for libsass (moderate)
openSUSE Security Update: Security update for libsass Announcement ID: openSUSE-SU-2019:1791-1 Rating: moderate References: 1096894 1118301 1118346 1118348 1118349 1118351 1119789 1121943 1121944 1121945 1133200 1133201 Cross-References: CVE-2018-11499 CVE-2018-19797 CVE-2018-19827 CVE-2018-19837...
DEBIAN-CVE-2018-11499
A use-after-free vulnerability exists in handleerror in sasscontext.cpp in LibSass 3.4.x and 3.5.x through 3.5.4 that could be leveraged to cause a denial of service application crash or possibly unspecified other impact...
CVE-2018-11499
CVE-2018-11499 is a use-after-free in LibSass (sass_context.cpp, handle_error()) affecting LibSass 3.4.x and 3.5.x up to 3.5.4. It could crash the application (DoS) and potentially other impacts. Affected entries in connected docs point to LibSass vulnerabilities and advise upgrading to the lates...