2 matches found
DEBIAN-CVE-2018-19837
In LibSass prior to 3.5.5, Sass::Eval::operatorSass::BinaryExpression inside eval.cpp allows attackers to cause a denial-of-service resulting from stack consumption via a crafted sass file, because of certain incorrect parsing of '%' as a modulo operator in parser.cpp...
LibSass Denial of Service Vulnerability (CNVD-2019-06788)
LibSass is an open source written in C using Sass CSS extension language parser . A security vulnerability exists in the 'Sass::Eval::operator' function of the eval.cpp file in LibSass versions prior to 3.5.5, which stems from the program failing to properly parse the '%' character. The...