Description
LibSass before 3.6.3 allows a heap-based buffer over-read in Sass::weaveParents in ast_sel_weave.cpp.
Remediation
References
https://github.com/sass/libsass/issues/2999
Related Vulnerabilities
CVE-2021-32691 Vulnerability in npm package data-connector-rock
CVE-2022-24846 Vulnerability in maven package org.geowebcache:gwc-diskquota-jdbc
CVE-2020-28423 Vulnerability in npm package monorepo-build
CVE-2018-18628 Vulnerability in maven package ro.pippo:pippo-core
CVE-2020-8203 Vulnerability in maven package org.webjars.bower:lodash