Heap-based Buffer Over-read in LibSass 3.5.5
CVE-2019-6286 · MEDIUM Severity
AV:N/AC:M/AU:N/C:N/I:N/A:P
In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::skip_over_scopes in prelexer.hpp when called from Sass::Parser::parse_import(), a similar issue to CVE-2018-11693.
Learn more about our Web Application Penetration Testing UK.