An issue was discovered in LibSass through 3.5.4. An out-of-bounds read of a memory region was found in the function Sass::Prelexer::exactly which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service.