CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

567 matches found

OSV•added 2026/05/18 2:23 p.m.•8 views

JLSEC-2026-502

In LibSass 3.5.5, a use-after-free vulnerability exists in the SharedPtr class in SharedPtr.cpp or SharedPtr.hpp that may cause a denial of service application crash or possibly have unspecified other impact...

8.8CVSS7.3AI score0.02044EPSS

Exploits0References8

OSV•added 2026/05/18 2:23 p.m.•6 views

JLSEC-2026-504

The parsing component in LibSass through 3.5.5 allows attackers to cause a denial-of-service uncontrolled recursion in Sass::Parser::parsecssvariablevalue in parser.cpp...

6.5CVSS6.9AI score0.02218EPSS

Exploits1References8

OSV•added 2026/05/18 2:23 p.m.•7 views

JLSEC-2026-508

In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::parenthesescope in prelexer.hpp...

6.5CVSS6.9AI score0.0191EPSS

Exploits1References8

OSV•added 2026/05/18 2:23 p.m.•7 views

JLSEC-2026-510

In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::skipoverscopes in prelexer.hpp when called from Sass::Parser::parseimport, a similar issue to CVE-2018-11693...

6.5CVSS7.1AI score0.02115EPSS

Exploits1References8

OSV•added 2026/05/18 2:23 p.m.•7 views

JLSEC-2026-505

LibSass 3.6.1 has uncontrolled recursion in Sass::Eval::operatorSass::BinaryExpression in eval.cpp...

6.5CVSS5.8AI score0.01512EPSS

Exploits1References2

OSV•added 2026/05/18 2:23 p.m.•10 views

JLSEC-2026-506

LibSass before 3.6.3 allows a heap-based buffer over-read in Sass::weaveParents in astselweave.cpp...

6.5CVSS5.9AI score0.01053EPSS

Exploits1References2

OSV•added 2026/05/18 2:23 p.m.•6 views

JLSEC-2026-509

In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::alternatives in prelexer.hpp...

6.5CVSS5.9AI score0.02096EPSS

Exploits1References8

OSV•added 2026/05/18 2:23 p.m.•6 views

JLSEC-2026-507

LibSass before 3.6.3 allows a NULL pointer dereference in Sass::Parser::parseCompoundSelector in parserselectors.cpp...

6.5CVSS7AI score0.0125EPSS

Exploits1References2

OSV•added 2026/05/18 2:23 p.m.•19 views

JLSEC-2026-501

In LibSass 3.5.5, a NULL Pointer Dereference in the function Sass::SelectorList::populateextends in SharedPtr.hpp used by ast.cpp and astselectors.cpp may cause a Denial of Service application crash via a crafted sass input file...

6.5CVSS7.3AI score0.01829EPSS

Exploits0References8

Tenable Nessus•added 2026/01/22 12:0 a.m.•5 views

Azure Linux 3.0 Security Update: libsass (CVE-2022-43358)

The version of libsass installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-43358 advisory. - Stack overflow vulnerability in astselectors.cpp: in function Sass::ComplexSelector::hasplaceholder in...

7.5CVSS5.7AI score0.01252EPSS

Exploits1References2

Tenable Nessus•added 2026/01/22 12:0 a.m.•4 views

Azure Linux 3.0 Security Update: libsass (CVE-2022-43357)

The version of libsass installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-43357 advisory. - Stack overflow vulnerability in astselectors.cpp in function Sass::CompoundSelector::hasrealparentref in...

7.5CVSS5.7AI score0.01252EPSS

Exploits1References2

Microsoft CVE•added 2025/11/27 9:5 a.m.•5 views

In LibSass 3.5.5, a use-after-free vulnerability exists in the SharedPtr class in SharedPtr.cpp (or SharedPtr.hpp) that may cause a denial of service (application crash) or possibly have unspecified other impact.

...

8.8CVSS7AI score0.02044EPSS

Exploits0

Microsoft CVE•added 2025/11/27 9:5 a.m.•5 views

In LibSass 3.5.5, a NULL Pointer Dereference in the function Sass::Selector_List::populate_extends in SharedPtr.hpp (used by ast.cpp and ast_selectors.cpp) may cause a Denial of Service (application crash) via a crafted sass input file.

...

6.5CVSS7AI score0.01829EPSS

Exploits0