CVE-2018-11697 (High) detected in opennmsopennms-source-26.0.0-1, CSS::Sassv3.4.11 - autoclosed #40
Labels
Mend: dependency security vulnerability
Security vulnerability detected by WhiteSource
CVE-2018-11697 - High Severity Vulnerability
Vulnerable Libraries - opennmsopennms-source-26.0.0-1, CSS::Sassv3.4.11
Vulnerability Details
An issue was discovered in LibSass through 3.5.4. An out-of-bounds read of a memory region was found in the function Sass::Prelexer::exactly() which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service.
Publish Date: 2018-06-04
URL: CVE-2018-11697
CVSS 3 Score Details (8.1)
Base Score Metrics:
Suggested Fix
Type: Upgrade version
Origin: https://github.com/sass/libsass/releases/tag/3.6.0
Release Date: 2018-06-04
Fix Resolution: libsass - 3.6.0
Step up your Open Source Security Game with WhiteSource here
The text was updated successfully, but these errors were encountered: