Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sass-lang libsass vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-19219
In LibSass 3.5-stable, there is an illegal address access at Sass::Eval::operator that will lead to a DoS attack.
Sass-lang Libsass 3.5.0
4.3
CVSSv2
CVE-2018-20822
LibSass 3.5.4 allows malicious users to cause a denial-of-service (uncontrolled recursion in Sass::Complex_Selector::perform in ast.hpp and Sass::Inspect::operator in inspect.cpp).
Sass-lang Libsass 3.5.4
4.3
CVSSv2
CVE-2018-20190
In LibSass 3.5.5, a NULL Pointer Dereference in the function Sass::Eval::operator()(Sass::Supports_Operator*) in eval.cpp may cause a Denial of Service (application crash) via a crafted sass input file.
Sass-lang Libsass 3.5.5
4.3
CVSSv2
CVE-2018-19218
In LibSass 3.5-stable, there is an illegal address access at Sass::Parser::parse_css_variable_value_token that will lead to a DoS attack.
Sass-lang Libsass 3.5.0
6.8
CVSSv2
CVE-2018-19827
In LibSass 3.5.5, a use-after-free vulnerability exists in the SharedPtr class in SharedPtr.cpp (or SharedPtr.hpp) that may cause a denial of service (application crash) or possibly have unspecified other impact.
Sass-lang Libsass 3.5.5
NA
CVE-2022-26592
Stack Overflow vulnerability in libsass 3.6.5 via the CompoundSelector::has_real_parent_ref function.
Sass-lang Libsass 3.6.5
NA
CVE-2022-43358
Stack overflow vulnerability in ast_selectors.cpp: in function Sass::ComplexSelector::has_placeholder in libsass:3.6.5-8-g210218, which can be exploited by malicious users to cause a denial of service (DoS).
Sass-lang Libsass 3.6.5-8-g210218
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37884
CVE-2024-6003
remote
brute force
information disclosure
CVE-2024-27801
CVE-2024-30078
CVE-2024-31870
CVE-2024-6042
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3