Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2018-20822

Опубликовано: 23 апр. 2019
Источник: debian

Описание

LibSass 3.5.4 allows attackers to cause a denial-of-service (uncontrolled recursion in Sass::Complex_Selector::perform in ast.hpp and Sass::Inspect::operator in inspect.cpp).

Пакеты

ПакетСтатусВерсия исправленияРелизТип
libsassfixed3.6.3-1package
libsassno-dsabusterpackage
libsassno-dsastretchpackage

Примечания

  • https://github.com/sass/libsass/issues/2671

  • Possibly introduced after https://github.com/sass/libsass/commit/25c9b4952f5838b615da996035453967d0420f57 (3.4.7)

  • Fixed in 3.6.1, but 3.6.3 first to land in unstable

Связанные уязвимости

ubuntu логотип

CVE-2018-20822

CVSS3: 6.5
ubuntu
почти 7 лет назад

LibSass 3.5.4 allows attackers to cause a denial-of-service (uncontrolled recursion in Sass::Complex_Selector::perform in ast.hpp and Sass::Inspect::operator in inspect.cpp).

redhat логотип

CVE-2018-20822

CVSS3: 7.5
redhat
больше 7 лет назад

LibSass 3.5.4 allows attackers to cause a denial-of-service (uncontrolled recursion in Sass::Complex_Selector::perform in ast.hpp and Sass::Inspect::operator in inspect.cpp).

nvd логотип

CVE-2018-20822

CVSS3: 6.5
nvd
почти 7 лет назад

LibSass 3.5.4 allows attackers to cause a denial-of-service (uncontrolled recursion in Sass::Complex_Selector::perform in ast.hpp and Sass::Inspect::operator in inspect.cpp).

github логотип

GHSA-hgv9-5rhc-jpgp

CVSS3: 6.5
github
больше 3 лет назад

LibSass 3.5.4 allows attackers to cause a denial-of-service (uncontrolled recursion in Sass::Complex_Selector::perform in ast.hpp and Sass::Inspect::operator in inspect.cpp).

suse-cvrf логотип

openSUSE-SU-2019:1791-1

suse-cvrf
больше 6 лет назад

Security update for libsass