You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In inspect.cpp in LibSass 3.5.5, a high memory footprint caused by an endless loop (containing a Sass::Inspect::operator()(Sass::String_Quoted*) stack frame) may cause a Denial of Service via crafted sass input files with stray '&' or '/' characters. NOTE: Upstream comments indicate this issue is closed as "won't fix" and "works as intended" by design
CVE-2018-19826 - Medium Severity Vulnerability
🌈 Node.js bindings to libsass
Library home page: https://github.com/sass/node-sass.git
Found in HEAD commit: 1bdaed2a9f64ddf36c63561f57b069a67d0d77a7
Found in base branch: next
In inspect.cpp in LibSass 3.5.5, a high memory footprint caused by an endless loop (containing a Sass::Inspect::operator()(Sass::String_Quoted*) stack frame) may cause a Denial of Service via crafted sass input files with stray '&' or '/' characters. NOTE: Upstream comments indicate this issue is closed as "won't fix" and "works as intended" by design
Publish Date: 2018-12-03
URL: CVE-2018-19826
Base Score Metrics:
The text was updated successfully, but these errors were encountered: