There is a stack consumption vulnerability in the Parser::advanceToNextToken function in parser.cpp in LibSass 3.4.5. A crafted input may lead to remote denial of service.
References
Link | Resource |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=1471786 | Exploit Issue Tracking Third Party Advisory |
Configurations
Information
Published : 2017-07-22 20:29
Updated : 2019-10-02 17:03
NVD link : CVE-2017-11556
Mitre link : CVE-2017-11556
JSON object : View
CWE
CWE-674
Uncontrolled Recursion
Products Affected
libsass
- libsass