Back to search
CVE-2018-19838
Published: Dec 4, 2018
Modified: Aug 5, 2024
PUBLISHED
Description
In LibSass prior to 3.5.5, functions inside ast.cpp for IMPLEMENT_AST_OPERATORS expansion allow attackers to cause a denial-of-service resulting from stack consumption via a crafted sass file, as demonstrated by recursive calls involving clone(), cloneChildren(), and copy().
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://github.com/sass/libsass/issues/2660
x_refsource_MISC
openSUSE-SU-2019:1791
vendor-advisory
x_refsource_SUSE
openSUSE-SU-2019:1800
vendor-advisory
x_refsource_SUSE
openSUSE-SU-2019:1883
vendor-advisory
x_refsource_SUSE
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now