5 matches found
CVE-2018-20822
LibSass 3.5.4 allows attackers to cause a denial-of-service uncontrolled recursion in Sass::ComplexSelector::perform in ast.hpp and Sass::Inspect::operator in inspect.cpp...
CVE-2018-20822
LibSass 3.5.4 allows attackers to cause a denial-of-service uncontrolled recursion in Sass::ComplexSelector::perform in ast.hpp and Sass::Inspect::operator in inspect.cpp...
CVE-2018-20822
LibSass 3.5.4 allows attackers to cause a denial-of-service uncontrolled recursion in Sass::ComplexSelector::perform in ast.hpp and Sass::Inspect::operator in inspect.cpp...
LibSass Denial of Service Vulnerability (CNVD-2018-24636)
LibSass is an open source written in C using Sass CSS extension language parser . A denial of service vulnerability exists in the inspect.cpp file in LibSass version 3.5.5, which can be exploited by an attacker to cause a denial of service with the help of a specially crafted sass input file...
CVE-2018-19826
In inspect.cpp in LibSass 3.5.5, a high memory footprint caused by an endless loop containing a Sass::Inspect::operatorSass::StringQuoted stack frame may cause a Denial of Service via crafted sass input files with stray '&' or '/' characters. NOTE: Upstream comments indicate this issue is closed ...