LibSass 3.6.1 Uncontrolled Recursion Vulnerability

Summary

LibSass 3.6.1 suffers from uncontrolled recursion vulnerability.

 

Credit:

The information has been provided by Vendor

The original article can be found at:https://github.com/sass/libsass/issues/3000


Details

LibSass 3.6.1 has uncontrolled recursion in Sass::Eval::operator()(Sass::Binary_Expression*) in eval.cpp.

 

Vulnerable Systems:

LibSass 3.6.1 

 

CVE Information:

CVE-2019-18797

 

Disclosure Timeline:
Published Date:11/6/2019