Lucene search
K

10 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/12/06 4:20 p.m.29 views

Security Bulletin: IBM Watson Machine Learning Accelerator on Cloud Pak for Data is vunerable to libsass and node-sass vulnerabilities

Summary IBM Watson Machine Learning Accelerator on Cloud Pak for Data is vunerable to the dependencies in the opensource library libsass-3.5.5 and opennms-opennms-source-25.1.1-1 . These are fixed. Vulnerability Details CVEID:CVE-2018-11696 DESCRIPTION: LibSaas is vulnerable to a denial of servic...

9.8CVSS7.6AI score0.04006EPSS
Exploits14Affected Software1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.27 views

Mageia: Security Advisory (MGASA-2020-0049)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.9AI score0.04006EPSS
Exploits9References4
IBM Security Bulletins
IBM Security Bulletins
added 2020/12/15 7:3 a.m.45 views

Security Bulletin: Open Source Security issues for NPS console.

Summary Fixed Open Source issues for listed CVEs for NPS console. Vulnerability Details CVEID: CVE-2018-19838 DESCRIPTION: LibSass is vulnerable to a denial of service, caused by a stack-based buffer overflow in the IMPLEMENTASTOPERATORS expansion in ast.cpp. By persuading a victim to open a...

9.8CVSS1AI score0.05213EPSS
Exploits13Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/12/08 6:37 a.m.65 views

Security Bulletin: OSS security Scan issues for Concerto installer.

Summary Fixed in IBM Netezza for Cloud Pak for Data 11.1.1.0 Vulnerability Details CVEID: CVE-2018-19838 DESCRIPTION: LibSass is vulnerable to a denial of service, caused by a stack-based buffer overflow in the IMPLEMENTASTOPERATORS expansion in ast.cpp. By persuading a victim to open a...

9.8CVSS1.2AI score0.05213EPSS
Exploits13Affected Software1
Mageia
Mageia
added 2020/01/28 7:52 a.m.68 views

Updated libsass packages fix security vulnerabilities

Use-after-free vulnerability in sasscontext.cpp:handleerror CVE-2018-11499. Null pointer dereference in Sass::SelectorList::populateextends CVE-2018-19797. Use-after-free vulnerability exists in the SharedPtr class CVE-2018-19827. Stack overflow in Eval::operator CVE-2018-19837. Stack-overflow at...

9.8CVSS4.2AI score0.04006EPSS
Exploits9References2
OpenVAS
OpenVAS
added 2019/07/24 12:0 a.m.35 views

openSUSE: Security Advisory for libsass (openSUSE-SU-2019:1791-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS7.2AI score0.04006EPSS
Exploits9References2
Tenable Nessus
Tenable Nessus
added 2019/07/24 12:0 a.m.46 views

openSUSE Security Update : libsass (openSUSE-2019-1791)

This update for libsass to version 3.6.1 fixes the following issues : Security issues fixed : - CVE-2019-6283: Fixed heap-buffer-overflow in Sass::Prelexer::parenthesescopechar const boo1121943. - CVE-2019-6284: Fixed heap-based buffer over-read exists in Sass:Prelexer:alternatives boo1121944. -...

9.8CVSS6.4AI score0.04006EPSS
Exploits9References24
RedhatCVE
RedhatCVE
added 2019/05/14 12:9 p.m.24 views

CVE-2018-19838

In LibSass prior to 3.5.5, functions inside ast.cpp for IMPLEMENTASTOPERATORS expansion allow attackers to cause a denial-of-service resulting from stack consumption via a crafted sass file, as demonstrated by recursive calls involving clone, cloneChildren, and copy...

6.5CVSS5.6AI score0.01937EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2018/12/04 9:29 a.m.66 views

CVE-2018-19838

In LibSass prior to 3.5.5, functions inside ast.cpp for IMPLEMENTASTOPERATORS expansion allow attackers to cause a denial-of-service resulting from stack consumption via a crafted sass file, as demonstrated by recursive calls involving clone, cloneChildren, and copy...

6.5CVSS6.9AI score0.01937EPSS
Exploits1References1
CVE
CVE
added 2018/12/04 9:0 a.m.145 views

CVE-2018-19838

CVE-2018-19838 concerns LibSass pre-3.5.5, where functions in ast.cpp used for IMPLEMENT_AST_OPERATORS expansion can cause a denial of service via stack consumption when processing a crafted Sass file. The vulnerability arises from a stack-based buffer/recursion pattern in the IMPLEMENT_AST_OPERA...

6.5CVSS6.2AI score0.01937EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder