26 matches found
JLSEC-2026-502
In LibSass 3.5.5, a use-after-free vulnerability exists in the SharedPtr class in SharedPtr.cpp or SharedPtr.hpp that may cause a denial of service application crash or possibly have unspecified other impact...
JLSEC-2026-501
In LibSass 3.5.5, a NULL Pointer Dereference in the function Sass::SelectorList::populateextends in SharedPtr.hpp used by ast.cpp and astselectors.cpp may cause a Denial of Service application crash via a crafted sass input file...
In LibSass 3.5.5, a NULL Pointer Dereference in the function Sass::Selector_List::populate_extends in SharedPtr.hpp (used by ast.cpp and ast_selectors.cpp) may cause a Denial of Service (application crash) via a crafted sass input file.
...
Linux Distros Unpatched Vulnerability : CVE-2018-19797
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In LibSass 3.5.5, a NULL Pointer Dereference in the function Sass::SelectorList::populateextends in SharedPtr.hpp used by ast.cpp and astselectors.cpp may cause...
Linux Distros Unpatched Vulnerability : CVE-2019-6286
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::skipoverscopes in prelexer.hpp when called from Sass::Parser::parseimport, a similar...
Linux Distros Unpatched Vulnerability : CVE-2019-6283
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::parenthesescope in prelexer.hpp. CVE-2019-6283 Note that Nessus relies on the presence...
SUSE CVE-2018-19797
In LibSass 3.5.5, a NULL Pointer Dereference in the function Sass::SelectorList::populateextends in SharedPtr.hpp used by ast.cpp and astselectors.cpp may cause a Denial of Service application crash via a crafted sass input file...
SUSE CVE-2019-6284
In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::alternatives in prelexer.hpp...
SUSE CVE-2019-6286
In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::skipoverscopes in prelexer.hpp when called from Sass::Parser::parseimport, a similar issue to CVE-2018-11693...
CVE-2018-19826
DISPUTED In inspect.cpp in LibSass 3.5.5, a high memory footprint caused by an endless loop containing a Sass::Inspect::operatorSass::StringQuoted stack frame may cause a Denial of Service via crafted sass input files with stray '&' or '/' characters. NOTE: Upstream comments indicate this issue i...
CVE-2018-19797
In LibSass 3.5.5, a NULL Pointer Dereference in the function Sass::SelectorList::populateextends in SharedPtr.hpp used by ast.cpp and astselectors.cpp may cause a Denial of Service application crash via a crafted sass input file...
DEBIAN-CVE-2019-6283
In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::parenthesescope in prelexer.hpp...
UBUNTU-CVE-2019-6284
In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::alternatives in prelexer.hpp...
CVE-2019-6283
In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::parenthesescope in prelexer.hpp...
CVE-2019-6283
In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::parenthesescope in prelexer.hpp...
PT-2019-18071 · Sass +2 · Libsass +2
Name of the Vulnerable Software and Affected Versions: LibSass version 3.5.5 Description: A heap-based buffer over-read issue exists in the Sass::Prelexer::parenthese scope function, located in prelexer.hpp. This issue may potentially be exploited. Recommendations: For LibSass version 3.5.5,...
PT-2019-18072 · Sass +2 · Libsass +2
Name of the Vulnerable Software and Affected Versions: LibSass version 3.5.5 Description: A heap-based buffer over-read exists in the Sass::Prelexer::alternatives function in prelexer.hpp. Recommendations: For LibSass version 3.5.5, consider updating to a newer version to mitigate the risk,...
CVE-2018-20190
In LibSass 3.5.5, a NULL Pointer Dereference in the function Sass::Eval::operatorSass::SupportsOperator in eval.cpp may cause a Denial of Service application crash via a crafted sass input file...
CVE-2018-20190
In LibSass 3.5.5, a NULL Pointer Dereference in the function Sass::Eval::operatorSass::SupportsOperator in eval.cpp may cause a Denial of Service application crash via a crafted sass input file...
CVE-2018-20190
In LibSass 3.5.5, a NULL Pointer Dereference in the function Sass::Eval::operatorSass::SupportsOperator in eval.cpp may cause a Denial of Service application crash via a crafted sass input file...