Unrated severityNVD Advisory· Published Aug 22, 2023· Updated Oct 3, 2024
CVE-2022-43357
CVE-2022-43357
Description
Stack overflow vulnerability in ast_selectors.cpp in function Sass::CompoundSelector::has_real_parent_ref in libsass:3.6.5-8-g210218, which can be exploited by attackers to causea denial of service (DoS). Also affects the command line driver for libsass, sassc 3.6.2.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
8- osv-coords6 versionspkg:bitnami/sasspkg:rpm/opensuse/libsass&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/libsass&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/libsass&distro=openSUSE%20Tumbleweedpkg:rpm/suse/libsass&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP4pkg:rpm/suse/libsass&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP5
>= 3.6.5-8-g210218, < 3.6.5+ 5 more
- (no CPE)range: >= 3.6.5-8-g210218, < 3.6.5
- (no CPE)range: < 3.6.5-150200.4.10.1
- (no CPE)range: < 3.6.5-150200.4.10.1
- (no CPE)range: < 3.6.5-2.1
- (no CPE)range: < 3.6.5-150200.4.10.1
- (no CPE)range: < 3.6.5-150200.4.10.1
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.