CVE-2018-11693 (NVD)

2018-06-04

An issue was discovered in LibSass through 3.5.4. An out-of-bounds read of a memory region was found in the function Sass::Prelexer::skip_over_scopes which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service.

Products Libsass
Type Out-of-bounds Read (CWE-125)
First patch - None (likely due to unavailable code)
Links https://github.com/sass/libsass/issues/2661