Description
There is an illegal address access in ast.cpp of LibSass 3.4.5. A crafted input will lead to a remote denial of service attack.
Remediation
References
https://bugzilla.redhat.com/show_bug.cgi?id=1470722
Related Vulnerabilities
CVE-2022-25867 Vulnerability in maven package io.socket:socket.io-client
CVE-2022-39386 Vulnerability in npm package fastify-websocket
CVE-2019-10349 Vulnerability in maven package org.jenkins-ci.plugins:depgraph-view
CVE-2023-33962 Vulnerability in maven package io.jstach:jstachio
CVE-2020-28470 Vulnerability in npm package @scullyio/scully