In LibSass prior to 3.5.5, the function handle_error in sass_context.cpp allows attackers to cause a denial-of-service resulting from a heap-based buffer over-read via a crafted sass file.
References
Configurations
History
No history.
Information
Published : 2018-12-04 09:29
Updated : 2024-02-28 16:48
NVD link : CVE-2018-19839
Mitre link : CVE-2018-19839
CVE.ORG link : CVE-2018-19839
JSON object : View
Products Affected
sass-lang
- libsass
CWE
CWE-125
Out-of-bounds Read