Information on source package libsass

Available versions

ReleaseVersion
buster3.5.5-4
bullseye3.6.4+20201122-1
bookworm3.6.5+20220909-1
trixie3.6.5+20231221-3
sid3.6.5+20231221-3

Open issues

BugbusterbullseyebookwormtrixiesidDescription
CVE-2022-43358vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedStack overflow vulnerability in ast_selectors.cpp: in function Sass::C ...
CVE-2022-43357vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedStack overflow vulnerability in ast_selectors.cpp in function Sass::Co ...
CVE-2022-26592vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedStack Overflow vulnerability in libsass 3.6.5 via the CompoundSelector ...
CVE-2019-18799vulnerable (no DSA)fixedfixedfixedfixedLibSass before 3.6.3 allows a NULL pointer dereference in Sass::Parser ...
CVE-2019-18798vulnerable (no DSA)fixedfixedfixedfixedLibSass before 3.6.3 allows a heap-based buffer over-read in Sass::wea ...
CVE-2018-20822vulnerable (no DSA)fixedfixedfixedfixedLibSass 3.5.4 allows attackers to cause a denial-of-service (uncontrol ...
CVE-2018-20821vulnerable (no DSA)fixedfixedfixedfixedThe parsing component in LibSass through 3.5.5 allows attackers to cau ...
CVE-2018-19838vulnerable (no DSA)fixedfixedfixedfixedIn LibSass prior to 3.5.5, functions inside ast.cpp for IMPLEMENT_AST_ ...
CVE-2018-19797vulnerable (no DSA)fixedfixedfixedfixedIn LibSass 3.5.5, a NULL Pointer Dereference in the function Sass::Sel ...
CVE-2018-11698vulnerable (no DSA)fixedfixedfixedfixedAn issue was discovered in LibSass through 3.5.4. An out-of-bounds rea ...
CVE-2018-11697vulnerable (no DSA)fixedfixedfixedfixedAn issue was discovered in LibSass through 3.5.4. An out-of-bounds rea ...
CVE-2018-11694vulnerable (no DSA)fixedfixedfixedfixedAn issue was discovered in LibSass through 3.5.4. A NULL pointer deref ...

Open unimportant issues

BugbusterbullseyebookwormtrixiesidDescription
CVE-2019-18797vulnerablevulnerablevulnerablevulnerablevulnerableLibSass 3.6.1 has uncontrolled recursion in Sass::Eval::operator()(Sas ...

Resolved issues

BugDescription
CVE-2019-6286In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelex ...
CVE-2019-6284In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelex ...
CVE-2019-6283In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelex ...
CVE-2018-20190In LibSass 3.5.5, a NULL Pointer Dereference in the function Sass::Eva ...
CVE-2018-19839In LibSass prior to 3.5.5, the function handle_error in sass_context.c ...
CVE-2018-19837In LibSass prior to 3.5.5, Sass::Eval::operator()(Sass::Binary_Express ...
CVE-2018-19827In LibSass 3.5.5, a use-after-free vulnerability exists in the SharedP ...
CVE-2018-11696An issue was discovered in LibSass through 3.5.4. A NULL pointer deref ...
CVE-2018-11695An issue was discovered in LibSass <3.5.3. A NULL pointer dereference ...
CVE-2018-11693An issue was discovered in LibSass through 3.5.4. An out-of-bounds rea ...
CVE-2018-11499A use-after-free vulnerability exists in handle_error() in sass_contex ...
CVE-2017-11608There is a heap-based buffer over-read in the Sass::Prelexer::re_lineb ...
CVE-2017-11556There is a stack consumption vulnerability in the Parser::advanceToNex ...
CVE-2017-11555There is an illegal address access in the Eval::operator function in e ...
CVE-2017-11554There is a stack consumption vulnerability in the lex function in pars ...

Search for package or bug name: Reporting problems