Sass-lang - Libsass CVE

Filtered by vendor Sass-lang Subscribe

Filtered by product Libsass

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2018-11499	1 Sass-lang	1 Libsass	2019-07-23	7.5 HIGH	9.8 CRITICAL
A use-after-free vulnerability exists in handle_error() in sass_context.cpp in LibSass 3.4.x and 3.5.x through 3.5.4 that could be leveraged to cause a denial of service (application crash) or possibly unspecified other impact.

Vulnerabilities (CVE)