Lucene search
K

26 matches found

OSV
OSV
added 2026/05/18 2:23 p.m.9 views

JLSEC-2026-502

In LibSass 3.5.5, a use-after-free vulnerability exists in the SharedPtr class in SharedPtr.cpp or SharedPtr.hpp that may cause a denial of service application crash or possibly have unspecified other impact...

8.8CVSS7.3AI score0.02044EPSS
Exploits0References8
OSV
OSV
added 2026/05/18 2:23 p.m.20 views

JLSEC-2026-501

In LibSass 3.5.5, a NULL Pointer Dereference in the function Sass::SelectorList::populateextends in SharedPtr.hpp used by ast.cpp and astselectors.cpp may cause a Denial of Service application crash via a crafted sass input file...

6.5CVSS7.3AI score0.01829EPSS
Exploits0References8
Microsoft CVE
Microsoft CVE
added 2025/11/27 9:5 a.m.5 views

In LibSass 3.5.5, a NULL Pointer Dereference in the function Sass::Selector_List::populate_extends in SharedPtr.hpp (used by ast.cpp and ast_selectors.cpp) may cause a Denial of Service (application crash) via a crafted sass input file.

...

6.5CVSS7AI score0.01829EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/26 12:0 a.m.1 views

Linux Distros Unpatched Vulnerability : CVE-2018-19797

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In LibSass 3.5.5, a NULL Pointer Dereference in the function Sass::SelectorList::populateextends in SharedPtr.hpp used by ast.cpp and astselectors.cpp may cause...

6.5CVSS7.3AI score0.01829EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/24 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2019-6286

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::skipoverscopes in prelexer.hpp when called from Sass::Parser::parseimport, a similar...

6.5CVSS7.6AI score0.02115EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2019-6283

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::parenthesescope in prelexer.hpp. CVE-2019-6283 Note that Nessus relies on the presence...

6.5CVSS7AI score0.0191EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2023/02/15 4:21 a.m.2 views

SUSE CVE-2018-19797

In LibSass 3.5.5, a NULL Pointer Dereference in the function Sass::SelectorList::populateextends in SharedPtr.hpp used by ast.cpp and astselectors.cpp may cause a Denial of Service application crash via a crafted sass input file...

6.5CVSS8.9AI score0.01829EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 4:16 a.m.4 views

SUSE CVE-2019-6284

In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::alternatives in prelexer.hpp...

6.5CVSS7.3AI score0.02096EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2023/02/15 4:16 a.m.3 views

SUSE CVE-2019-6286

In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::skipoverscopes in prelexer.hpp when called from Sass::Parser::parseimport, a similar issue to CVE-2018-11693...

6.5CVSS8AI score0.02115EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2019/05/14 12:26 p.m.21 views

CVE-2018-19826

DISPUTED In inspect.cpp in LibSass 3.5.5, a high memory footprint caused by an endless loop containing a Sass::Inspect::operatorSass::StringQuoted stack frame may cause a Denial of Service via crafted sass input files with stray '&' or '/' characters. NOTE: Upstream comments indicate this issue i...

6.5CVSS3.8AI score0.01191EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2019/05/14 12:2 p.m.21 views

CVE-2018-19797

In LibSass 3.5.5, a NULL Pointer Dereference in the function Sass::SelectorList::populateextends in SharedPtr.hpp used by ast.cpp and astselectors.cpp may cause a Denial of Service application crash via a crafted sass input file...

6.5CVSS2.9AI score0.01829EPSS
Exploits0References1
OSV
OSV
added 2019/01/14 10:29 p.m.2 views

DEBIAN-CVE-2019-6283

In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::parenthesescope in prelexer.hpp...

6.5CVSS8.7AI score0.0191EPSS
Exploits1References1
OSV
OSV
added 2019/01/14 10:29 p.m.3 views

UBUNTU-CVE-2019-6284

In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::alternatives in prelexer.hpp...

6.5CVSS7.5AI score0.02096EPSS
Exploits1References4
Cvelist
Cvelist
added 2019/01/14 10:0 p.m.13 views

CVE-2019-6283

In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::parenthesescope in prelexer.hpp...

6.6AI score0.0191EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2019/01/14 10:0 p.m.19 views

CVE-2019-6283

In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::parenthesescope in prelexer.hpp...

6.5CVSS6.8AI score0.0191EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2019/01/14 12:0 a.m.2 views

PT-2019-18071 · Sass +2 · Libsass +2

Name of the Vulnerable Software and Affected Versions: LibSass version 3.5.5 Description: A heap-based buffer over-read issue exists in the Sass::Prelexer::parenthese scope function, located in prelexer.hpp. This issue may potentially be exploited. Recommendations: For LibSass version 3.5.5,...

9.8CVSS6.3AI score0.04006EPSS
Exploits14References98
Positive Technologies
Positive Technologies
added 2019/01/14 12:0 a.m.3 views

PT-2019-18072 · Sass +2 · Libsass +2

Name of the Vulnerable Software and Affected Versions: LibSass version 3.5.5 Description: A heap-based buffer over-read exists in the Sass::Prelexer::alternatives function in prelexer.hpp. Recommendations: For LibSass version 3.5.5, consider updating to a newer version to mitigate the risk,...

9.8CVSS6.5AI score0.04006EPSS
Exploits14References98
UbuntuCve
UbuntuCve
added 2018/12/17 8:29 p.m.17 views

CVE-2018-20190

In LibSass 3.5.5, a NULL Pointer Dereference in the function Sass::Eval::operatorSass::SupportsOperator in eval.cpp may cause a Denial of Service application crash via a crafted sass input file...

6.5CVSS6.9AI score0.02587EPSS
Exploits1References3
NVD
NVD
added 2018/12/17 8:29 p.m.10 views

CVE-2018-20190

In LibSass 3.5.5, a NULL Pointer Dereference in the function Sass::Eval::operatorSass::SupportsOperator in eval.cpp may cause a Denial of Service application crash via a crafted sass input file...

6.5CVSS6.3AI score0.02587EPSS
Exploits1References5
Cvelist
Cvelist
added 2018/12/17 8:0 p.m.14 views

CVE-2018-20190

In LibSass 3.5.5, a NULL Pointer Dereference in the function Sass::Eval::operatorSass::SupportsOperator in eval.cpp may cause a Denial of Service application crash via a crafted sass input file...

6.3AI score0.02587EPSS
Exploits1References5
Rows per page
Query Builder