AZL-43714 CVE-2022-43357 affecting package libsass 3.6.3-3

Stack overflow vulnerability in astselectors.cpp in function Sass::CompoundSelector::hasrealparentref in libsass:3.6.5-8-g210218, which can be exploited by attackers to causea denial of service DoS. Also affects the command line driver for libsass, sassc 3.6.2...

The vulnerability of the Sass::Eval::operator function (eval.cpp) in the LibSass library allows a hacker to cause a denial-of-service attack.

The vulnerability of the Sass::Eval::operator eval.cpp function in the LibSass library is caused by the consumption of memory resources on the stack. Exploiting this vulnerability may allow a malicious actor to cause a service failure...