Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libsass vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-11499
A use-after-free vulnerability exists in handle_error() in sass_context.cpp in LibSass 3.4.x and 3.5.x up to and including 3.5.4 that could be leveraged to cause a denial of service (application crash) or possibly unspecified other impact.
Sass-lang Libsass
8.8
CVSSv3
CVE-2022-26592
Stack Overflow vulnerability in libsass 3.6.5 via the CompoundSelector::has_real_parent_ref function.
Sass-lang Libsass 3.6.5
8.8
CVSSv3
CVE-2018-19827
In LibSass 3.5.5, a use-after-free vulnerability exists in the SharedPtr class in SharedPtr.cpp (or SharedPtr.hpp) that may cause a denial of service (application crash) or possibly have unspecified other impact.
Sass-lang Libsass 3.5.5
8.8
CVSSv3
CVE-2018-11694
An issue exists in LibSass up to and including 3.5.4. A NULL pointer dereference was found in the function Sass::Functions::selector_append which could be leveraged by an malicious user to cause a denial of service (application crash) or possibly have unspecified other impact.
Sass-lang Libsass
8.8
CVSSv3
CVE-2018-11695
An issue exists in LibSass <3.5.3. A NULL pointer dereference was found in the function Sass::Expand::operator which could be leveraged by an malicious user to cause a denial of service (application crash) or possibly have unspecified other impact.
Sass-lang Libsass
8.8
CVSSv3
CVE-2018-11696
An issue exists in LibSass up to and including 3.5.4. A NULL pointer dereference was found in the function Sass::Inspect::operator which could be leveraged by an malicious user to cause a denial of service (application crash) or possibly have unspecified other impact.
Sass-lang Libsass
8.1
CVSSv3
CVE-2016-10686
fis-sass-all is another libsass wrapper for node. fis-sass-all downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the...
Fis-sass-all Project Fis-sass-all 0.2.0
8.1
CVSSv3
CVE-2018-11697
An issue exists in LibSass up to and including 3.5.4. An out-of-bounds read of a memory region was found in the function Sass::Prelexer::exactly() which could be leveraged by an malicious user to disclose information or manipulated to read from unmapped memory causing a denial of...
Sass-lang Libsass
8.1
CVSSv3
CVE-2018-11693
An issue exists in LibSass up to and including 3.5.4. An out-of-bounds read of a memory region was found in the function Sass::Prelexer::skip_over_scopes which could be leveraged by an malicious user to disclose information or manipulated to read from unmapped memory causing a de...
Sass-lang Libsass
8.1
CVSSv3
CVE-2018-11698
An issue exists in LibSass up to and including 3.5.4. An out-of-bounds read of a memory region was found in the function Sass::handle_error which could be leveraged by an malicious user to disclose information or manipulated to read from unmapped memory causing a denial of servic...
Sass-lang Libsass
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »