Описание
Stack overflow vulnerability in ast_selectors.cpp: in function Sass::ComplexSelector::has_placeholder in libsass:3.6.5-8-g210218, which can be exploited by attackers to cause a denial of service (DoS).
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| libsass | fixed | 3.6.5+20231221-1 | experimental | package |
| libsass | fixed | 3.6.5+20231221-2 | package | |
| libsass | ignored | bookworm | package | |
| libsass | no-dsa | bullseye | package | |
| libsass | no-dsa | buster | package |
Примечания
https://github.com/sass/libsass/issues/3178
https://github.com/sass/libsass/pull/3184
https://github.com/sass/libsass/commit/5bb0ea0c4b2ebebe542933f788ffacba459a717a (3.6.6)
EPSS
Связанные уязвимости
Stack overflow vulnerability in ast_selectors.cpp: in function Sass::ComplexSelector::has_placeholder in libsass:3.6.5-8-g210218, which can be exploited by attackers to cause a denial of service (DoS).
Stack overflow vulnerability in ast_selectors.cpp: in function Sass::ComplexSelector::has_placeholder in libsass:3.6.5-8-g210218, which can be exploited by attackers to cause a denial of service (DoS).
Stack overflow vulnerability in ast_selectors.cpp: in function Sass::ComplexSelector::has_placeholder in libsass:3.6.5-8-g210218, which can be exploited by attackers to cause a denial of service (DoS).
EPSS