Unrated severityOSV Advisory· Published Dec 17, 2018· Updated Aug 5, 2024
CVE-2018-20190
CVE-2018-20190
Description
In LibSass 3.5.5, a NULL Pointer Dereference in the function Sass::Eval::operator()(Sass::Supports_Operator*) in eval.cpp may cause a Denial of Service (application crash) via a crafted sass input file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6- osv-coords4 versionspkg:rpm/opensuse/libsass&distro=openSUSE%20Leap%2015.0pkg:rpm/opensuse/libsass&distro=openSUSE%20Leap%2015.1pkg:rpm/suse/libsass&distro=SUSE%20Package%20Hub%2015pkg:rpm/suse/libsass&distro=SUSE%20Package%20Hub%2015%20SP1
< 3.6.1-lp151.3.3.1+ 3 more
- (no CPE)range: < 3.6.1-lp151.3.3.1
- (no CPE)range: < 3.6.1-lp151.3.3.1
- (no CPE)range: < 3.6.1-bp150.3.3.1
- (no CPE)range: < 3.6.1-bp151.4.3.1
Patches
Vulnerability mechanics
References
5- lists.opensuse.org/opensuse-security-announce/2019-07/msg00047.htmlmitrevendor-advisoryx_refsource_SUSE
- lists.opensuse.org/opensuse-security-announce/2019-07/msg00051.htmlmitrevendor-advisoryx_refsource_SUSE
- lists.opensuse.org/opensuse-security-announce/2019-08/msg00027.htmlmitrevendor-advisoryx_refsource_SUSE
- www.securityfocus.com/bid/106232mitrevdb-entryx_refsource_BID
- github.com/sass/libsass/issues/2786mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.