Description
There is a heap based buffer over-read in LibSass 3.4.5, related to address 0xb4803ea1. A crafted input will lead to a remote denial of service attack.
Remediation
References
http://www.securityfocus.com/bid/99930
https://bugzilla.redhat.com/show_bug.cgi?id=1474019
Related Vulnerabilities
CVE-2023-26107 Vulnerability in npm package sketchsvg
CVE-2018-8014 Vulnerability in maven package org.apache.tomcat.embed:tomcat-embed-core
CVE-2018-11039 Vulnerability in maven package org.springframework:spring-web
CVE-2020-36732 Vulnerability in npm package crypto-js
CVE-2014-9515 Vulnerability in maven package com.github.dozermapper:dozer-parent