567 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-11608
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a heap-based buffer over-read in the Sass::Prelexer::relinebreak function in lexer.cpp in LibSass 3.4.5. A crafted input will lead to a remote denial o...
Linux Distros Unpatched Vulnerability : CVE-2017-11555
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is an illegal address access in the Eval::operator function in eval.cpp in LibSass 3.4.5. A crafted input will lead to a remote denial of service...
Linux Distros Unpatched Vulnerability : CVE-2018-11696
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in LibSass through 3.5.4. A NULL pointer dereference was found in the function Sass::Inspect::operator which could be leveraged by an...
Linux Distros Unpatched Vulnerability : CVE-2018-11694
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in LibSass through 3.5.4. A NULL pointer dereference was found in the function Sass::Functions::selectorappend which could be leveraged ...
Linux Distros Unpatched Vulnerability : CVE-2018-19837
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In LibSass prior to 3.5.5, Sass::Eval::operatorSass::BinaryExpression inside eval.cpp allows attackers to cause a denial-of-service resulting from stack...
Linux Distros Unpatched Vulnerability : CVE-2018-20822
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - LibSass 3.5.4 allows attackers to cause a denial-of-service uncontrolled recursion in Sass::ComplexSelector::perform in ast.hpp and Sass::Inspect::operator in...
Linux Distros Unpatched Vulnerability : CVE-2018-11693
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in LibSass through 3.5.4. An out-of-bounds read of a memory region was found in the function Sass::Prelexer::skipoverscopes which could ...
Linux Distros Unpatched Vulnerability : CVE-2018-11698
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in LibSass through 3.5.4. An out-of-bounds read of a memory region was found in the function Sass::handleerror which could be leveraged ...
Linux Distros Unpatched Vulnerability : CVE-2019-6284
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::alternatives in prelexer.hpp. CVE-2019-6284 Note that Nessus relies on the presence of...
Linux Distros Unpatched Vulnerability : CVE-2018-19839
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In LibSass prior to 3.5.5, the function handleerror in sasscontext.cpp allows attackers to cause a denial-of-service resulting from a heap-based buffer over-rea...
Linux Distros Unpatched Vulnerability : CVE-2018-19797
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In LibSass 3.5.5, a NULL Pointer Dereference in the function Sass::SelectorList::populateextends in SharedPtr.hpp used by ast.cpp and astselectors.cpp may cause...
Linux Distros Unpatched Vulnerability : CVE-2017-11556
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a stack consumption vulnerability in the Parser::advanceToNextToken function in parser.cpp in LibSass 3.4.5. A crafted input may lead to remote denial ...
Linux Distros Unpatched Vulnerability : CVE-2018-19838
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In LibSass prior to 3.5.5, functions inside ast.cpp for IMPLEMENTASTOPERATORS expansion allow attackers to cause a denial-of-service resulting from stack...
Linux Distros Unpatched Vulnerability : CVE-2018-11499
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free vulnerability exists in handleerror in sasscontext.cpp in LibSass 3.4.x and 3.5.x through 3.5.4 that could be leveraged to cause a denial of...
Linux Distros Unpatched Vulnerability : CVE-2019-6286
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::skipoverscopes in prelexer.hpp when called from Sass::Parser::parseimport, a similar...
Linux Distros Unpatched Vulnerability : CVE-2019-6283
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::parenthesescope in prelexer.hpp. CVE-2019-6283 Note that Nessus relies on the presence...
CVE-2022-43358 affecting package libsass for versions less than 3.6.6-1
CVE-2022-43358 affecting package libsass for versions less than 3.6.6-1. An upgraded version of the package is available that resolves this issue...
CVE-2022-43357 affecting package libsass for versions less than 3.6.6-1
CVE-2022-43357 affecting package libsass for versions less than 3.6.6-1. An upgraded version of the package is available that resolves this issue...
CVE-2022-26592 affecting package libsass for versions less than 3.6.6-1
CVE-2022-26592 affecting package libsass for versions less than 3.6.6-1. An upgraded version of the package is available that resolves this issue...
Azure Linux 3.0 Security Update: libsass / reaper (CVE-2022-26592)
The version of libsass / reaper installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-26592 advisory. - Stack Overflow vulnerability in libsass 3.6.5 via the CompoundSelector::hasrealparentref function...