Lucene search
K

6 matches found

OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.27 views

Mageia: Security Advisory (MGASA-2020-0049)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.9AI score0.04006EPSS
Exploits9References4
Mageia
Mageia
added 2020/01/28 7:52 a.m.66 views

Updated libsass packages fix security vulnerabilities

Use-after-free vulnerability in sasscontext.cpp:handleerror CVE-2018-11499. Null pointer dereference in Sass::SelectorList::populateextends CVE-2018-19797. Use-after-free vulnerability exists in the SharedPtr class CVE-2018-19827. Stack overflow in Eval::operator CVE-2018-19837. Stack-overflow at...

9.8CVSS4.2AI score0.04006EPSS
Exploits9References2
OpenVAS
OpenVAS
added 2019/07/24 12:0 a.m.35 views

openSUSE: Security Advisory for libsass (openSUSE-SU-2019:1791-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS7.2AI score0.04006EPSS
Exploits9References2
Tenable Nessus
Tenable Nessus
added 2019/07/24 12:0 a.m.46 views

openSUSE Security Update : libsass (openSUSE-2019-1791)

This update for libsass to version 3.6.1 fixes the following issues : Security issues fixed : - CVE-2019-6283: Fixed heap-buffer-overflow in Sass::Prelexer::parenthesescopechar const boo1121943. - CVE-2019-6284: Fixed heap-based buffer over-read exists in Sass:Prelexer:alternatives boo1121944. -...

9.8CVSS6.4AI score0.04006EPSS
Exploits9References24
OSV
OSV
added 2018/12/04 9:29 a.m.2 views

UBUNTU-CVE-2018-19837

In LibSass prior to 3.5.5, Sass::Eval::operatorSass::BinaryExpression inside eval.cpp allows attackers to cause a denial-of-service resulting from stack consumption via a crafted sass file, because of certain incorrect parsing of '%' as a modulo operator in parser.cpp...

6.5CVSS7.3AI score0.01807EPSS
Exploits1References3
CVE
CVE
added 2018/12/04 9:0 a.m.140 views

CVE-2018-19837

CVE-2018-19837 affects LibSass prior to 3.5.5, where Sass::Eval::operator() in eval.cpp can trigger a denial-of-service via stack consumption from parsing '%' as modulo in parser.cpp. Affected versions include.LibSass vulnerability details are corroborated by multiple advisories (e.g., openSUSE/l...

6.5CVSS6.2AI score0.01807EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder