libsass.so is vulnerable to denial of service (DoS). The attack is possible because an attacker can send a malicious input to json_mkstream()
in sass_context.cpp
, causing a heap-based buffer over-read.
CPE | Name | Operator | Version |
---|---|---|---|
libsass.so | eq | 0.0.9 | |
libsass.so | eq | 0.0.9.debug |