ALAS2MATE-DESKTOP1.X-2024-004 --- libsass| ID: oval:org.secpod.oval:def:1701992 | Date: (C)2024-02-07 (M)2024-02-07 |
| Class: PATCH | Family: unix |
Stack Overflow vulnerability in libsass 3.6.5 via the CompoundSelector::has_real_parent_ref function. Stack overflow vulnerability in ast_selectors.cpp in function Sass::CompoundSelector::has_real_parent_ref in libsass:3.6.5-8-g210218, which can be exploited by attackers to causea denial of service . Also affects the command line driver for libsass, sassc 3.6.2. Stack overflow vulnerability in ast_selectors.cpp: in function Sass::ComplexSelector::has_placeholder in libsass:3.6.5-8-g210218, which can be exploited by attackers to cause a denial of service
