Description
In LibSass 3.4.5, there is a heap-based buffer over-read in the function json_mkstream() in sass_context.cpp. A crafted input will lead to a remote denial of service attack.
Remediation
References
https://bugzilla.redhat.com/show_bug.cgi?id=1466411
Related Vulnerabilities
CVE-2023-41080 Vulnerability in maven package org.apache.tomcat:tomcat
CVE-2016-0706 Vulnerability in maven package org.apache.tomcat:tomcat-catalina
CVE-2014-3630 Vulnerability in maven package com.typesafe.akka:akka-http-xml-experimental_2.11
CVE-2021-43116 Vulnerability in maven package com.alibaba.nacos:nacos-client
CVE-2020-24750 Vulnerability in maven package com.fasterxml.jackson.core:jackson-databind