13 matches found
JLSEC-2026-507
LibSass before 3.6.3 allows a NULL pointer dereference in Sass::Parser::parseCompoundSelector in parserselectors.cpp...
Linux Distros Unpatched Vulnerability : CVE-2018-19837
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In LibSass prior to 3.5.5, Sass::Eval::operatorSass::BinaryExpression inside eval.cpp allows attackers to cause a denial-of-service resulting from stack...
LibSass 缓冲区错误漏洞
LibSass is an open source Sass CSS Extension Language parser written in C. It can be used for a variety of purposes, including parsing and analysis. A security vulnerability exists in LibSass version 3.6.5, which stems from a stack overflow vulnerability in astselectors.cpp in...
LibSass 缓冲区错误漏洞
LibSass is an open source Sass CSS Extension Language parser written in C. The parser is available in C and C++. A security vulnerability exists in LibSass version 3.6.5, which stems from a Denial of Service DoS vulnerability in ComplexSelector::hasplaceholder...
DEBIAN-CVE-2019-18799
LibSass before 3.6.3 allows a NULL pointer dereference in Sass::Parser::parseCompoundSelector in parserselectors.cpp...
UBUNTU-CVE-2018-20821
The parsing component in LibSass through 3.5.5 allows attackers to cause a denial-of-service uncontrolled recursion in Sass::Parser::parsecssvariablevalue in parser.cpp...
Code injection
The parsing component in LibSass through 3.5.5 allows attackers to cause a denial-of-service uncontrolled recursion in Sass::Parser::parsecssvariablevalue in parser.cpp...
DEBIAN-CVE-2018-20821
The parsing component in LibSass through 3.5.5 allows attackers to cause a denial-of-service uncontrolled recursion in Sass::Parser::parsecssvariablevalue in parser.cpp...
CVE-2019-6286
In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::skipoverscopes in prelexer.hpp when called from Sass::Parser::parseimport, a similar issue to CVE-2018-11693...
LibSass Denial of Service Vulnerability (CNVD-2019-06788)
LibSass is an open source written in C using Sass CSS extension language parser . A security vulnerability exists in the 'Sass::Eval::operator' function of the eval.cpp file in LibSass versions prior to 3.5.5, which stems from the program failing to properly parse the '%' character. The...
LibSass Denial of Service Vulnerability (CNVD-2019-06789)
LibSass is an open source written in C using Sass CSS extension language parser . A security vulnerability exists in several functions of the ast.cpp file in LibSass versions prior to 3.5.5. An attacker can exploit this vulnerability to cause a denial of service stack corruption with the help of ...
Unspecified Vulnerability in LibSass
LibSass is an open source written in C using Sass CSS extension language parser . A security vulnerability exists in the 'Sass::Parser::parsecssvariablevaluetoken' function in LibSass version 3.5-stable. An attacker could exploit this vulnerability to cause a denial of service...
LibSass: stack overflow #6 in libsass
Feeding //0i: to ./sassc -s triggers this stack overflow. ==11380==ERROR: AddressSanitizer: stack-overflow on address 0x7fff1665bfa8 pc 0x000000584802 bp 0x7fff1665c810 sp 0x7fff1665bfb0 T0 0 0x584801 in asanmemcpy /home/geeknik/sassc/bin/sassc+0x584801 1 0x87a353 in char const...