CVE-2017-11554

There is a stack consumption vulnerability in the lex function in parser.hpp (as used in sassc) in LibSass 3.4.5. A crafted input will lead…

mitre·CWE-674·Published 2017-07-23

CVSS

—

EPSS

0.02

KEV

Exploits

cve.orgen

170 chars

There is a stack consumption vulnerability in the lex function in parser.hpp (as used in sassc) in LibSass 3.4.5. A crafted input will lead to a remote denial of service.

NVDen

170 chars

There is a stack consumption vulnerability in the lex function in parser.hpp (as used in sassc) in LibSass 3.4.5. A crafted input will lead to a remote denial of service.

NVDes

208 chars

Se presenta una vulnerabilidad de consumo de pila en la función lex del archivo parser.hpp (como es usado en sassc) en LibSass versión 3.4.5. Una entrada creada conllevará a una denegación de servicio remota.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.0	10.0	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P
3.0	Primary	NVD	7.5	3.9	3.6	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H