Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sass-lang vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2018-19219
In LibSass 3.5-stable, there is an illegal address access at Sass::Eval::operator that will lead to a DoS attack.
Sass-lang Libsass 3.5.0
8.8
CVSSv3
CVE-2018-11696
An issue exists in LibSass up to and including 3.5.4. A NULL pointer dereference was found in the function Sass::Inspect::operator which could be leveraged by an malicious user to cause a denial of service (application crash) or possibly have unspecified other impact.
Sass-lang Libsass
8.8
CVSSv3
CVE-2018-11695
An issue exists in LibSass <3.5.3. A NULL pointer dereference was found in the function Sass::Expand::operator which could be leveraged by an malicious user to cause a denial of service (application crash) or possibly have unspecified other impact.
Sass-lang Libsass
8.1
CVSSv3
CVE-2018-11693
An issue exists in LibSass up to and including 3.5.4. An out-of-bounds read of a memory region was found in the function Sass::Prelexer::skip_over_scopes which could be leveraged by an malicious user to disclose information or manipulated to read from unmapped memory causing a de...
Sass-lang Libsass
8.8
CVSSv3
CVE-2018-11694
An issue exists in LibSass up to and including 3.5.4. A NULL pointer dereference was found in the function Sass::Functions::selector_append which could be leveraged by an malicious user to cause a denial of service (application crash) or possibly have unspecified other impact.
Sass-lang Libsass
8.1
CVSSv3
CVE-2018-11697
An issue exists in LibSass up to and including 3.5.4. An out-of-bounds read of a memory region was found in the function Sass::Prelexer::exactly() which could be leveraged by an malicious user to disclose information or manipulated to read from unmapped memory causing a denial of...
Sass-lang Libsass
8.1
CVSSv3
CVE-2018-11698
An issue exists in LibSass up to and including 3.5.4. An out-of-bounds read of a memory region was found in the function Sass::handle_error which could be leveraged by an malicious user to disclose information or manipulated to read from unmapped memory causing a denial of servic...
Sass-lang Libsass
9.8
CVSSv3
CVE-2018-11499
A use-after-free vulnerability exists in handle_error() in sass_context.cpp in LibSass 3.4.x and 3.5.x up to and including 3.5.4 that could be leveraged to cause a denial of service (application crash) or possibly unspecified other impact.
Sass-lang Libsass
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3