Description
LibSass before 3.6.3 allows a heap-based buffer over-read in Sass::weaveParents in ast_sel_weave.cpp.
Remediation
References
https://github.com/sass/libsass/issues/2999
Related Vulnerabilities
CVE-2021-4040 Vulnerability in maven package org.apache.activemq:artemis-commons
CVE-2023-34615 Vulnerability in maven package net.pwall.json:jsonutil
CVE-2020-9480 Vulnerability in maven package org.apache.spark:spark-network-common_2.12
CVE-2021-3189 Vulnerability in npm package slashify
CVE-2021-4245 Vulnerability in maven package org.webjars.npm:rfc6902