5 matches found
DEBIAN-CVE-2018-19839
In LibSass prior to 3.5.5, the function handleerror in sasscontext.cpp allows attackers to cause a denial-of-service resulting from a heap-based buffer over-read via a crafted sass file...
LibSass Denial of Service Vulnerability (CNVD-2019-06790)
LibSass is an open source written in C using Sass CSS extension language parser . A security vulnerability exists in the 'handleerror' function of the sasscontext.cpp file in LibSass versions prior to 3.5.5. An attacker can exploit this vulnerability to cause a denial of service with the help of ...
LibSass Memory Misreference Vulnerability
LibSass is an open source written in C using Sass CSS extension language parser . A memory misreference vulnerability exists in the 'handleerror' function in the sasscontext.cpp file in LibSass versions 3.4.x and 3.5.x through 3.5.4. An attacker could exploit this vulnerability to cause a denial ...
UBUNTU-CVE-2018-11499
A use-after-free vulnerability exists in handleerror in sasscontext.cpp in LibSass 3.4.x and 3.5.x through 3.5.4 that could be leveraged to cause a denial of service application crash or possibly unspecified other impact...
UBUNTU-CVE-2017-10687
In LibSass 3.4.5, there is a heap-based buffer over-read in the function jsonmkstream in sasscontext.cpp. A crafted input will lead to a remote denial of service attack...