1149 matches found
Security update for libsass (moderate)
openSUSE Security Update: Security update for libsass Announcement ID: openSUSE-SU-2019:1800-1 Rating: moderate References: 1096894 1118301 1118346 1118348 1118349 1118351 1119789 1121943 1121944 1121945 1133200 1133201 Cross-References: CVE-2018-11499 CVE-2018-19797 CVE-2018-19827 CVE-2018-19837...
OPENSUSE-SU-2019:1791-1 Security update for libsass
This update for libsass to version 3.6.1 fixes the following issues: Security issues fixed: - CVE-2019-6283: Fixed heap-buffer-overflow in Sass::Prelexer::parenthesescopechar const boo1121943. - CVE-2019-6284: Fixed heap-based buffer over-read exists in Sass:Prelexer:alternatives boo1121944. -...
CVE-2018-20821
The parsing component in LibSass through 3.5.5 allows attackers to cause a denial-of-service uncontrolled recursion in Sass::Parser::parsecssvariablevalue in parser.cpp...
CVE-2018-20822
LibSass 3.5.4 allows attackers to cause a denial-of-service uncontrolled recursion in Sass::ComplexSelector::perform in ast.hpp and Sass::Inspect::operator in inspect.cpp...
Uncontrolled recursion leads to abort in HTML serialization
Affected versions of this crate did use recursion for serialization of HTML DOM trees. This allows an attacker to cause abort due to stack overflow by providing a pathologically nested input. The flaw was corrected by serializing the DOM tree iteratively instead...
Code injection
The parsing component in LibSass through 3.5.5 allows attackers to cause a denial-of-service uncontrolled recursion in Sass::Parser::parsecssvariablevalue in parser.cpp...
CVE-2018-20821
The parsing component in LibSass through 3.5.5 allows attackers to cause a denial-of-service uncontrolled recursion in Sass::Parser::parsecssvariablevalue in parser.cpp...
CVE-2018-20821
The parsing component in LibSass through 3.5.5 allows attackers to cause a denial-of-service uncontrolled recursion in Sass::Parser::parsecssvariablevalue in parser.cpp...
UBUNTU-CVE-2018-20822
LibSass 3.5.4 allows attackers to cause a denial-of-service uncontrolled recursion in Sass::ComplexSelector::perform in ast.hpp and Sass::Inspect::operator in inspect.cpp...
DEBIAN-CVE-2018-20821
The parsing component in LibSass through 3.5.5 allows attackers to cause a denial-of-service uncontrolled recursion in Sass::Parser::parsecssvariablevalue in parser.cpp...
CVE-2018-20821
The parsing component in LibSass through 3.5.5 allows attackers to cause a denial-of-service uncontrolled recursion in Sass::Parser::parsecssvariablevalue in parser.cpp...
CVE-2018-20822
LibSass 3.5.4 allows attackers to cause a denial-of-service uncontrolled recursion in Sass::ComplexSelector::perform in ast.hpp and Sass::Inspect::operator in inspect.cpp...
CVE-2018-20821
The parsing component in LibSass through 3.5.5 allows attackers to cause a denial-of-service uncontrolled recursion in Sass::Parser::parsecssvariablevalue in parser.cpp...
CVE-2018-20821
The parsing component in LibSass through 3.5.5 allows attackers to cause a denial-of-service uncontrolled recursion in Sass::Parser::parsecssvariablevalue in parser.cpp...
PT-2019-10261 · Sass +2 · Libsass +2
Name of the Vulnerable Software and Affected Versions: LibSass version 3.5.4 Description: The issue allows attackers to cause a denial-of-service due to uncontrolled recursion. This occurs in the Sass::Complex Selector::perform function in ast.hpp and the Sass::Inspect::operator in inspect.cpp...
PT-2019-10260 · Sass +2 · Libsass +2
Name of the Vulnerable Software and Affected Versions: LibSass versions 3.5.5 and earlier Description: The parsing component in LibSass allows attackers to cause a denial-of-service due to uncontrolled recursion in Sass::Parser::parse css variable value in parser.cpp. Recommendations: For LibSass...
CUJO Smart Firewall mdnscap mDNS label compression denial-of-service vulnerability
Summary An exploitable denial-of-service vulnerability exists in the mdnscap binary of the CUJO Smart Firewall running firmware 7003. When parsing labels in mDNS packets, the firewall unsafely handles label compression pointers, leading to an uncontrolled recursion that eventually exhausts the...
CVE-2019-9192
In the GNU C Library aka glibc or libc6 through 2.29, checkdstlimitscalcpos1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '|\\1\\1' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs...
CVE-2019-9192
In the GNU C Library aka glibc or libc6 through 2.29, checkdstlimitscalcpos1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '|\1\1' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs...
CVE-2019-9192
In the GNU C Library aka glibc or libc6 through 2.29, checkdstlimitscalcpos1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '|\1\1' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs...