In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::skip_over_scopes in prelexer.hpp when called from Sass::Parser::parse_import(), a similar issue to CVE-2018-11693.
References
Configurations
Information
Published : 2019-01-14 14:29
Updated : 2019-07-23 11:15
NVD link : CVE-2019-6286
Mitre link : CVE-2019-6286
JSON object : View
CWE
CWE-125
Out-of-bounds Read
Products Affected
sass-lang
- libsass