Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2017-11608

Опубликовано: 24 июл. 2017
Источник: debian

Описание

There is a heap-based buffer over-read in the Sass::Prelexer::re_linebreak function in lexer.cpp in LibSass 3.4.5. A crafted input will lead to a remote denial of service attack.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
libsassfixed3.4.6-1package
libsassno-dsastretchpackage

Примечания

  • https://bugzilla.redhat.com/show_bug.cgi?id=1474276

  • https://github.com/sass/libsass/commit/648f763ede97f9a2c2c843a0a18ac18bbde3507b (3.4.6)

Связанные уязвимости

ubuntu логотип

CVE-2017-11608

CVSS3: 6.5
ubuntu
больше 8 лет назад

There is a heap-based buffer over-read in the Sass::Prelexer::re_linebreak function in lexer.cpp in LibSass 3.4.5. A crafted input will lead to a remote denial of service attack.

nvd логотип

CVE-2017-11608

CVSS3: 6.5
nvd
больше 8 лет назад

There is a heap-based buffer over-read in the Sass::Prelexer::re_linebreak function in lexer.cpp in LibSass 3.4.5. A crafted input will lead to a remote denial of service attack.

github логотип

GHSA-5cqh-5hxx-9w4g

CVSS3: 6.5
github
больше 3 лет назад

There is a heap-based buffer over-read in the Sass::Prelexer::re_linebreak function in lexer.cpp in LibSass 3.4.5. A crafted input will lead to a remote denial of service attack.

suse-cvrf логотип

openSUSE-SU-2017:2939-1

suse-cvrf
больше 8 лет назад

Security update for libsass