Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sass-lang libsass vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2018-19219
In LibSass 3.5-stable, there is an illegal address access at Sass::Eval::operator that will lead to a DoS attack.
Sass-lang Libsass 3.5.0
383
VMScore
CVE-2018-19797
In LibSass 3.5.5, a NULL Pointer Dereference in the function Sass::Selector_List::populate_extends in SharedPtr.hpp (used by ast.cpp and ast_selectors.cpp) may cause a Denial of Service (application crash) via a crafted sass input file.
Sass-lang Libsass 3.5.5
383
VMScore
CVE-2018-19826
In inspect.cpp in LibSass 3.5.5, a high memory footprint caused by an endless loop (containing a Sass::Inspect::operator()(Sass::String_Quoted*) stack frame) may cause a Denial of Service via crafted sass input files with stray '&' or '/' characters. NOTE:...
Sass-lang Libsass 3.5.5
605
VMScore
CVE-2018-19827
In LibSass 3.5.5, a use-after-free vulnerability exists in the SharedPtr class in SharedPtr.cpp (or SharedPtr.hpp) that may cause a denial of service (application crash) or possibly have unspecified other impact.
Sass-lang Libsass 3.5.5
384
VMScore
CVE-2018-20822
LibSass 3.5.4 allows malicious users to cause a denial-of-service (uncontrolled recursion in Sass::Complex_Selector::perform in ast.hpp and Sass::Inspect::operator in inspect.cpp).
Sass-lang Libsass 3.5.4
NA
CVE-2022-26592
Stack Overflow vulnerability in libsass 3.6.5 via the CompoundSelector::has_real_parent_ref function.
Sass-lang Libsass 3.6.5
NA
CVE-2022-43358
Stack overflow vulnerability in ast_selectors.cpp: in function Sass::ComplexSelector::has_placeholder in libsass:3.6.5-8-g210218, which can be exploited by malicious users to cause a denial of service (DoS).
Sass-lang Libsass 3.6.5-8-g210218
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3