2 matches found
LibSass 'json_mkstream()' function heap buffer overflow vulnerability
LibSass is an open source written in C using Sass CSS extension language parser . A heap buffer overflow vulnerability exists in the 'jsonmkstream' function of the sasscontext.cpp file in LibSass version 3.4.5. A remote attacker can exploit this vulnerability to cause a denial of service heap...
UBUNTU-CVE-2017-10687
In LibSass 3.4.5, there is a heap-based buffer over-read in the function jsonmkstream in sasscontext.cpp. A crafted input will lead to a remote denial of service attack...