You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
* The source files were matched to this source library based on a best effort match. Source libraries are selected from a list of probable public libraries.
The parsing component in LibSass through 3.5.5 allows attackers to cause a denial-of-service (uncontrolled recursion in Sass::Parser::parse_css_variable_value in parser.cpp).
CVE-2018-20821 - Medium Severity Vulnerability
Vulnerable Library - node-sassv4.11.0
🌈 Node.js bindings to libsass
Library home page: https://github.com/sass/node-sass.git
Found in HEAD commit: 743bd280ef9d3a3127ed7f904cd5dddec872618a
Library Source Files (120)
* The source files were matched to this source library based on a best effort match. Source libraries are selected from a list of probable public libraries.
Vulnerability Details
The parsing component in LibSass through 3.5.5 allows attackers to cause a denial-of-service (uncontrolled recursion in Sass::Parser::parse_css_variable_value in parser.cpp).
Publish Date: 2019-04-23
URL: CVE-2018-20821
CVSS 3 Score Details (6.5)
Base Score Metrics:
Step up your Open Source Security Game with WhiteSource here
The text was updated successfully, but these errors were encountered: