libsass 漏洞与 CVE 列表(11)

产品(CPE): — CVE 数: 11

libsass 漏洞概览

汇总 libsass 相关全部产品的 CVE 与安全漏洞情报,包括 CVSS、EPSS、公开时间与漏洞情报数据。

已披露问题常与 缓冲区溢出与输入验证问题 相关,可能在 软件部署与生产负载 场景中带来 应用崩溃与内存损坏 等暴露风险。

相关漏洞数据主要来源于公开漏洞披露与安全公告,可用于评估历史漏洞暴露面与修复优先级。

漏洞分布趋势(近 24 个月)

显示 11111 CVE 数
«« 第一页 « 上一页 第 1 / 1 页 下一页 »
CVE 摘要 来源 最高 CVSS EPSS % 公开时间 更新时间
CVE-2017-12964 There is a stack consumption issue in LibSass 3.4.5 that is triggered in the function Sass::Eval::operator() in eval.cpp. It will lead to a remote denial of service attack. [email protected] 7.5 1.84% 2017-08-18 2026-06-16
CVE-2017-12963 There is an illegal address access in Sass::Eval::operator() in eval.cpp of LibSass 3.4.5, leading to a remote denial of service attack. NOTE: this is similar to CVE-2017-11555 but remains exploitable after the vendor's CVE-2017-11555 fix (available from GitHub after 2017-07-24). [email protected] 7.5 1.23% 2017-08-18 2026-06-16
CVE-2017-12962 There are memory leaks in LibSass 3.4.5 triggered by deeply nested code, such as code with a long sequence of open parenthesis characters, leading to a remote denial of service attack. [email protected] 7.5 1.23% 2017-08-18 2026-06-16
CVE-2017-11608 There is a heap-based buffer over-read in the Sass::Prelexer::re_linebreak function in lexer.cpp in LibSass 3.4.5. A crafted input will lead to a remote denial of service attack. [email protected] 6.5 1.15% 2017-07-24 2026-06-16
CVE-2017-11605 There is a heap based buffer over-read in LibSass 3.4.5, related to address 0xb4803ea1. A crafted input will lead to a remote denial of service attack. [email protected] 6.5 1.46% 2017-07-24 2026-06-16
CVE-2017-11556 There is a stack consumption vulnerability in the Parser::advanceToNextToken function in parser.cpp in LibSass 3.4.5. A crafted input may lead to remote denial of service. [email protected] 7.5 1.20% 2017-07-22 2026-06-16
CVE-2017-11555 There is an illegal address access in the Eval::operator function in eval.cpp in LibSass 3.4.5. A crafted input will lead to a remote denial of service. [email protected] 7.5 1.20% 2017-07-22 2026-06-16
CVE-2017-11554 There is a stack consumption vulnerability in the lex function in parser.hpp (as used in sassc) in LibSass 3.4.5. A crafted input will lead to a remote denial of service. [email protected] 7.5 1.88% 2017-07-22 2026-06-16
CVE-2017-11342 There is an illegal address access in ast.cpp of LibSass 3.4.5. A crafted input will lead to a remote denial of service attack. [email protected] 7.5 1.20% 2017-07-17 2026-06-16
CVE-2017-11341 There is a heap based buffer over-read in lexer.hpp of LibSass 3.4.5. A crafted input will lead to a remote denial of service attack. [email protected] 7.5 1.72% 2017-07-17 2026-06-16
CVE-2017-10687 In LibSass 3.4.5, there is a heap-based buffer over-read in the function json_mkstream() in sass_context.cpp. A crafted input will lead to a remote denial of service attack. [email protected] 7.5 1.76% 2017-06-29 2026-06-16
«« 第一页 « 上一页 第 1 / 1 页 下一页 »
cvelogic Threat Intelligence