Libsass@* Security Vulnerabilities and Issues — Libsass@* CVE List

Lucene search

Sass-langLibsass*

4 matches found

CVE•added 2019/04/23 2:29 p.m.•143 views

CVE-2018-20821

The parsing component in LibSass through 3.5.5 allows attackers to cause a denial-of-service (uncontrolled recursion in Sass::Parser::parse_css_variable_value in parser.cpp).

6.5CVSS6.3AI score0.01076EPSS

CVE•added 2019/11/06 4:15 p.m.•48 views

CVE-2019-18797

LibSass 3.6.1 has uncontrolled recursion in Sass::Eval::operator()(Sass::Binary_Expression*) in eval.cpp.

6.5CVSS6.3AI score0.00276EPSS

CVE•added 2019/11/06 4:15 p.m.•47 views

CVE-2019-18799

LibSass before 3.6.3 allows a NULL pointer dereference in Sass::Parser::parseCompoundSelector in parser_selectors.cpp.

6.5CVSS6.5AI score0.00434EPSS

CVE•added 2019/11/06 4:15 p.m.•45 views

CVE-2019-18798

LibSass before 3.6.3 allows a heap-based buffer over-read in Sass::weaveParents in ast_sel_weave.cpp.

6.5CVSS6.7AI score0.00433EPSS