VYPR
High severity7.5NVD Advisory· Published Aug 18, 2017· Updated Jun 17, 2026

CVE-2017-12963

CVE-2017-12963

Description

There is an illegal address access in Sass::Eval::operator() in eval.cpp of LibSass 3.4.5, leading to a remote denial of service attack. NOTE: this is similar to CVE-2017-11555 but remains exploitable after the vendor's CVE-2017-11555 fix (available from GitHub after 2017-07-24).

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Libsass/Libsass2 versions
    cpe:2.3:a:libsass:libsass:3.4.5:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:libsass:libsass:3.4.5:*:*:*:*:*:*:*
    • (no CPE)range: <3.4.5

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.