Description
LibSass before 3.6.3 allows a heap-based buffer over-read in Sass::weaveParents in ast_sel_weave.cpp.
Remediation
References
https://github.com/sass/libsass/issues/2999
Related Vulnerabilities
CVE-2023-30513 Vulnerability in maven package org.csanchez.jenkins.plugins:kubernetes
CVE-2020-28502 Vulnerability in maven package org.webjars.npm:xmlhttprequest-ssl
CVE-2010-5312 Vulnerability in maven package org.webjars:jquery-ui
CVE-2021-23392 Vulnerability in npm package locutus
CVE-2023-38905 Vulnerability in maven package org.jeecgframework.boot:jeecg-boot-base-core