Lucene search

Libsass Security Vulnerabilities - 2023

cve

CVE-2022-26592

Stack Overflow vulnerability in libsass 3.6.5 via the CompoundSelector::has_real_parent_ref function.

8.8CVSS

8.5AI Score

0.001EPSS

2023-08-22 07:16 PM

cve

CVE-2022-43357

Stack overflow vulnerability in ast_selectors.cpp in function Sass::CompoundSelector::has_real_parent_ref in libsass:3.6.5-8-g210218, which can be exploited by attackers to causea denial of service (DoS). Also affects the command line driver for libsass, sassc 3.6.2.

7.5CVSS

7.5AI Score

0.001EPSS

2023-08-22 07:16 PM

cve

CVE-2022-43358

Stack overflow vulnerability in ast_selectors.cpp: in function Sass::ComplexSelector::has_placeholder in libsass:3.6.5-8-g210218, which can be exploited by attackers to cause a denial of service (DoS).

7.5CVSS

7.3AI Score

0.001EPSS

2023-08-22 07:16 PM