Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2017-11556

Опубликовано: 23 июл. 2017
Источник: debian
EPSS Низкий

Описание

There is a stack consumption vulnerability in the Parser::advanceToNextToken function in parser.cpp in LibSass 3.4.5. A crafted input may lead to remote denial of service.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
libsassfixed3.5.4-1package
libsassno-dsastretchpackage

Примечания

  • https://github.com/sass/libsass/issues/2447

  • https://github.com/sass/libsass/commit/7664114543757e932f5b1a2ff5295aa9b34f8623

EPSS

Процентиль: 60%
0.00401
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2017-11556

CVSS3: 7.5
ubuntu
больше 8 лет назад

There is a stack consumption vulnerability in the Parser::advanceToNextToken function in parser.cpp in LibSass 3.4.5. A crafted input may lead to remote denial of service.

nvd логотип

CVE-2017-11556

CVSS3: 7.5
nvd
больше 8 лет назад

There is a stack consumption vulnerability in the Parser::advanceToNextToken function in parser.cpp in LibSass 3.4.5. A crafted input may lead to remote denial of service.

github логотип

GHSA-x2cj-w5c5-j878

CVSS3: 7.5
github
больше 3 лет назад

There is a stack consumption vulnerability in the Parser::advanceToNextToken function in parser.cpp in LibSass 3.4.5. A crafted input may lead to remote denial of service.

suse-cvrf логотип

openSUSE-SU-2017:2939-1

suse-cvrf
больше 8 лет назад

Security update for libsass

EPSS

Процентиль: 60%
0.00401
Низкий