Description
There is a stack consumption vulnerability in the Parser::advanceToNextToken function in parser.cpp in LibSass 3.4.5. A crafted input may lead to remote denial of service.
Remediation
References
https://bugzilla.redhat.com/show_bug.cgi?id=1471786
Related Vulnerabilities
CVE-2021-21179 Vulnerability in maven package org.webjars.npm:electron
CVE-2022-25918 Vulnerability in npm package shescape
CVE-2023-49093 Vulnerability in maven package org.htmlunit:htmlunit
CVE-2021-21626 Vulnerability in maven package io.jenkins.plugins:warnings-ng
CVE-2020-24922 Vulnerability in maven package com.xuxueli:xxl-job-admin