Stack overflow vulnerability in ast_selectors.cpp: in function Sass::ComplexSelector::has_placeholder in libsass:3.6.5-8-g210218, which can be exploited by attackers to cause a denial of service (DoS).
Max CVSS
7.5
EPSS Score
0.05%
Published
2023-08-22
Updated
2023-08-30
Stack overflow vulnerability in ast_selectors.cpp in function Sass::CompoundSelector::has_real_parent_ref in libsass:3.6.5-8-g210218, which can be exploited by attackers to causea denial of service (DoS). Also affects the command line driver for libsass, sassc 3.6.2.
Max CVSS
7.5
EPSS Score
0.05%
Published
2023-08-22
Updated
2023-08-31
Stack Overflow vulnerability in libsass 3.6.5 via the CompoundSelector::has_real_parent_ref function.
Max CVSS
8.8
EPSS Score
0.09%
Published
2023-08-22
Updated
2023-08-25
In LibSass 3.5.5, a use-after-free vulnerability exists in the SharedPtr class in SharedPtr.cpp (or SharedPtr.hpp) that may cause a denial of service (application crash) or possibly have unspecified other impact.
Max CVSS
8.8
EPSS Score
0.38%
Published
2018-12-03
Updated
2019-07-23
An issue was discovered in LibSass through 3.5.4. An out-of-bounds read of a memory region was found in the function Sass::handle_error which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service.
Max CVSS
8.1
EPSS Score
0.22%
Published
2018-06-04
Updated
2019-03-11
An issue was discovered in LibSass through 3.5.4. An out-of-bounds read of a memory region was found in the function Sass::Prelexer::exactly() which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service.
Max CVSS
8.1
EPSS Score
0.22%
Published
2018-06-04
Updated
2019-03-11
An issue was discovered in LibSass through 3.5.4. A NULL pointer dereference was found in the function Sass::Inspect::operator which could be leveraged by an attacker to cause a denial of service (application crash) or possibly have unspecified other impact.
Max CVSS
8.8
EPSS Score
0.21%
Published
2018-06-04
Updated
2019-03-11
An issue was discovered in LibSass <3.5.3. A NULL pointer dereference was found in the function Sass::Expand::operator which could be leveraged by an attacker to cause a denial of service (application crash) or possibly have unspecified other impact.
Max CVSS
8.8
EPSS Score
0.32%
Published
2018-06-04
Updated
2020-07-28
An issue was discovered in LibSass through 3.5.4. A NULL pointer dereference was found in the function Sass::Functions::selector_append which could be leveraged by an attacker to cause a denial of service (application crash) or possibly have unspecified other impact.
Max CVSS
8.8
EPSS Score
0.21%
Published
2018-06-04
Updated
2019-03-11
An issue was discovered in LibSass through 3.5.4. An out-of-bounds read of a memory region was found in the function Sass::Prelexer::skip_over_scopes which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service.
Max CVSS
8.1
EPSS Score
0.22%
Published
2018-06-04
Updated
2019-03-11
A use-after-free vulnerability exists in handle_error() in sass_context.cpp in LibSass 3.4.x and 3.5.x through 3.5.4 that could be leveraged to cause a denial of service (application crash) or possibly unspecified other impact.
Max CVSS
9.8
EPSS Score
0.32%
Published
2018-05-26
Updated
2019-07-23
11 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!