Description
LibSass before 3.6.3 allows a heap-based buffer over-read in Sass::weaveParents in ast_sel_weave.cpp.
Remediation
References
https://github.com/sass/libsass/issues/2999
Related Vulnerabilities
CVE-2017-3201 Vulnerability in maven package com.exadel.flamingo.flex:amf-serializer
CVE-2013-6348 Vulnerability in maven package org.apache.struts:struts2-config-browser-plugin
CVE-2021-23383 Vulnerability in maven package org.webjars.npm:handlebars
CVE-2020-26217 Vulnerability in maven package com.thoughtworks.xstream:xstream