Description
LibSass before 3.6.3 allows a heap-based buffer over-read in Sass::weaveParents in ast_sel_weave.cpp.
Remediation
References
https://github.com/sass/libsass/issues/2999
Related Vulnerabilities
CVE-2019-18797 Vulnerability in npm package node-sass
CVE-2021-41184 Vulnerability in maven package org.webjars.bower:jquery-ui
CVE-2023-25576 Vulnerability in npm package @fastify/multipart
CVE-2020-7680 Vulnerability in npm package docsify
CVE-2022-22881 Vulnerability in maven package org.jeecgframework.boot:jeecg-boot-base