Skip to content
This repository has been archived by the owner on Jul 24, 2024. It is now read-only.

Libsass Security vulnerability for 3.5.5 #2951

Closed
sdmiller7 opened this issue Aug 5, 2020 · 1 comment
Closed

Libsass Security vulnerability for 3.5.5 #2951

sdmiller7 opened this issue Aug 5, 2020 · 1 comment

Comments

@sdmiller7
Copy link

Seeing multiple security vulnerabilities reported for libsass 3.5.5. Suggested bump to 3.6.0.

Reference Whitesource, redhat etc.
https://www.whitesourcesoftware.com/vulnerability-database/CVE-2018-19827

High Severity
In LibSass 3.5.5, a use-after-free vulnerability exists in the SharedPtr class in SharedPtr.cpp (or SharedPtr.hpp) that may cause a denial of service (application crash) or possibly have unspecified other impact.
@nschonni
Copy link
Contributor

nschonni commented Aug 5, 2020

#2685

@nschonni nschonni closed this as completed Aug 5, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@nschonni @sdmiller7