Stack overflow vulnerability in ast_selectors.cpp: in function Sass::ComplexSelector::has_placeholder in libsass:3.6.5-8-g210218, which can be exploited by attackers to cause a denial of service (DoS).

...

AZL-44817 CVE-2022-43358 affecting package libsass for versions less than 3.6.6-1

Stack overflow vulnerability in astselectors.cpp: in function Sass::ComplexSelector::hasplaceholder in libsass:3.6.5-8-g210218, which can be exploited by attackers to cause a denial of service DoS...

libsass/data_context_fuzzer: Heap-buffer-overflow in std::__1::vector<std::__1::vector<Sass::SharedImpl<Sass::ComplexSelector>, std::

Project: https://github.com/sass/libsass.git Detailed report: https://oss-fuzz.com/testcase?key=5161915090731008 Project: libsass Fuzzer: libFuzzerlibsassdatacontextfuzzer Fuzz target binary: datacontextfuzzer Job Type: libfuzzerasanlibsass Platform Id: linux Crash Type: Heap-buffer-overflow READ...

Design/Logic Flaw

LibSass 3.5.4 allows attackers to cause a denial-of-service uncontrolled recursion in Sass::ComplexSelector::perform in ast.hpp and Sass::Inspect::operator in inspect.cpp...

UBUNTU-CVE-2018-20822

LibSass 3.5.4 allows attackers to cause a denial-of-service uncontrolled recursion in Sass::ComplexSelector::perform in ast.hpp and Sass::Inspect::operator in inspect.cpp...