cpe:/a:libsass:libsass:3.4.5 CVE-2017-11341 2017-07-17T09:18:20.687-04:00 2019-10-02T20:03:26.223-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2017-07-19T12:51:45.583-04:00 MISC https://bugzilla.redhat.com/show_bug.cgi?id=1470714 There is a heap based buffer over-read in lexer.hpp of LibSass 3.4.5. A crafted input will lead to a remote denial of service attack.