Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Libsass
(Sass\-Lang)| Repositories | https://github.com/sass/libsass |
| #Vulnerabilities | 27 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-11-12 | CVE-2018-19218 | In LibSass 3.5-stable, there is an illegal address access at Sass::Parser::parse_css_variable_value_token that will lead to a DoS attack. | Libsass | 6.5 | ||
| 2018-06-04 | CVE-2018-11698 | An issue was discovered in LibSass through 3.5.4. An out-of-bounds read of a memory region was found in the function Sass::handle_error which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service. | Libsass | 8.1 | ||
| 2018-06-04 | CVE-2018-11697 | An issue was discovered in LibSass through 3.5.4. An out-of-bounds read of a memory region was found in the function Sass::Prelexer::exactly() which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service. | Libsass | 8.1 | ||
| 2018-06-04 | CVE-2018-11696 | An issue was discovered in LibSass through 3.5.4. A NULL pointer dereference was found in the function Sass::Inspect::operator which could be leveraged by an attacker to cause a denial of service (application crash) or possibly have unspecified other impact. | Libsass | 8.8 | ||
| 2018-06-04 | CVE-2018-11695 | An issue was discovered in LibSass through 3.5.2. A NULL pointer dereference was found in the function Sass::Expand::operator which could be leveraged by an attacker to cause a denial of service (application crash) or possibly have unspecified other impact. | Libsass | 8.8 | ||
| 2018-06-04 | CVE-2018-11694 | An issue was discovered in LibSass through 3.5.4. A NULL pointer dereference was found in the function Sass::Functions::selector_append which could be leveraged by an attacker to cause a denial of service (application crash) or possibly have unspecified other impact. | Libsass | 8.8 | ||
| 2018-06-04 | CVE-2018-11693 | An issue was discovered in LibSass through 3.5.4. An out-of-bounds read of a memory region was found in the function Sass::Prelexer::skip_over_scopes which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service. | Libsass | 8.1 |