Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sass-lang vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2019-6284
In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::alternatives in prelexer.hpp.
Sass-lang Libsass 3.5.5
4.3
CVSSv2
CVE-2019-6286
In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::skip_over_scopes in prelexer.hpp when called from Sass::Parser::parse_import(), a similar issue to CVE-2018-11693.
Sass-lang Libsass 3.5.5
NA
CVE-2022-26592
Stack Overflow vulnerability in libsass 3.6.5 via the CompoundSelector::has_real_parent_ref function.
Sass-lang Libsass 3.6.5
5
CVSSv2
CVE-2020-24025
Certificate validation in node-sass 2.0.0 to 4.14.1 is disabled when requesting binaries even if the user is not specifying an alternative download path.
Sass-lang Node-sass
4.3
CVSSv2
CVE-2018-20822
LibSass 3.5.4 allows malicious users to cause a denial-of-service (uncontrolled recursion in Sass::Complex_Selector::perform in ast.hpp and Sass::Inspect::operator in inspect.cpp).
Sass-lang Libsass 3.5.4
4.3
CVSSv2
CVE-2018-20190
In LibSass 3.5.5, a NULL Pointer Dereference in the function Sass::Eval::operator()(Sass::Supports_Operator*) in eval.cpp may cause a Denial of Service (application crash) via a crafted sass input file.
Sass-lang Libsass 3.5.5
4.3
CVSSv2
CVE-2018-19218
In LibSass 3.5-stable, there is an illegal address access at Sass::Parser::parse_css_variable_value_token that will lead to a DoS attack.
Sass-lang Libsass 3.5.0
NA
CVE-2022-43358
Stack overflow vulnerability in ast_selectors.cpp: in function Sass::ComplexSelector::has_placeholder in libsass:3.6.5-8-g210218, which can be exploited by malicious users to cause a denial of service (DoS).
Sass-lang Libsass 3.6.5-8-g210218
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3