CVE-2017-11608

Опубликовано: 24 июл. 2017

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 4.3

CVSS3: 6.5

Описание

There is a heap-based buffer over-read in the Sass::Prelexer::re_linebreak function in lexer.cpp in LibSass 3.4.5. A crafted input will lead to a remote denial of service attack.

Релиз	Статус	Примечание
artful	ignored	end of life
bionic	not-affected	3.4.8-1
cosmic	not-affected	3.4.8-1
devel	not-affected	3.4.8-1
disco	not-affected	3.4.8-1
eoan	not-affected	3.4.8-1
esm-apps/bionic	not-affected	3.4.8-1
esm-apps/focal	not-affected	3.4.8-1
esm-apps/jammy	not-affected	3.4.8-1
esm-apps/noble	not-affected	3.4.8-1

Показывать по

Ссылки на источники

EPSS

Процентиль: 77%

0.01021

Низкий

4.3 Medium

CVSS2

6.5 Medium

CVSS3

Связанные уязвимости

CVE-2017-11608

CVSS3: 6.5

nvd

больше 8 лет назад

There is a heap-based buffer over-read in the Sass::Prelexer::re_linebreak function in lexer.cpp in LibSass 3.4.5. A crafted input will lead to a remote denial of service attack.

CVE-2017-11608

CVSS3: 6.5

debian

больше 8 лет назад

There is a heap-based buffer over-read in the Sass::Prelexer::re_lineb ...

GHSA-5cqh-5hxx-9w4g

CVSS3: 6.5

github

больше 3 лет назад

There is a heap-based buffer over-read in the Sass::Prelexer::re_linebreak function in lexer.cpp in LibSass 3.4.5. A crafted input will lead to a remote denial of service attack.

openSUSE-SU-2017:2939-1

suse-cvrf

больше 8 лет назад

Security update for libsass

EPSS

Процентиль: 77%

0.01021

Низкий

4.3 Medium

CVSS2

6.5 Medium

CVSS3

CVE-2017-11608

Описание

Пакет libsass

Ссылки на источники

Связанные уязвимости