Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2018-19838

Опубликовано: 04 дек. 2018
Источник: debian

Описание

In LibSass prior to 3.5.5, functions inside ast.cpp for IMPLEMENT_AST_OPERATORS expansion allow attackers to cause a denial-of-service resulting from stack consumption via a crafted sass file, as demonstrated by recursive calls involving clone(), cloneChildren(), and copy().

Пакеты

ПакетСтатусВерсия исправленияРелизТип
libsassfixed3.6.3-1package
libsassno-dsabusterpackage
libsassno-dsastretchpackage

Примечания

  • https://github.com/sass/libsass/issues/2660

  • Fixed in 3.6.1, but 3.6.3 first to land in unstable

Связанные уязвимости

ubuntu логотип

CVE-2018-19838

CVSS3: 6.5
ubuntu
около 7 лет назад

In LibSass prior to 3.5.5, functions inside ast.cpp for IMPLEMENT_AST_OPERATORS expansion allow attackers to cause a denial-of-service resulting from stack consumption via a crafted sass file, as demonstrated by recursive calls involving clone(), cloneChildren(), and copy().

nvd логотип

CVE-2018-19838

CVSS3: 6.5
nvd
около 7 лет назад

In LibSass prior to 3.5.5, functions inside ast.cpp for IMPLEMENT_AST_OPERATORS expansion allow attackers to cause a denial-of-service resulting from stack consumption via a crafted sass file, as demonstrated by recursive calls involving clone(), cloneChildren(), and copy().

github логотип

GHSA-wjrc-f8qw-j9q6

CVSS3: 6.5
github
больше 3 лет назад

In LibSass prior to 3.5.5, functions inside ast.cpp for IMPLEMENT_AST_OPERATORS expansion allow attackers to cause a denial-of-service resulting from stack consumption via a crafted sass file, as demonstrated by recursive calls involving clone(), cloneChildren(), and copy().

suse-cvrf логотип

openSUSE-SU-2019:1791-1

suse-cvrf
больше 6 лет назад

Security update for libsass