LibSass before 3.6.3 NULL Pointer Dereference Vulnerability

Summary

LibSass before 3.6.3 suffers from null pointer dereference vulnerability

Credit:

The information has been provided by Vendor

The original article can be found at:https://github.com/sass/libsass/issues/3001


Details

LibSass before 3.6.3 allows a NULL pointer dereference in Sass::Parser::parseCompoundSelector in parser_selectors.cpp.

 

Vulnerable Systems:

LibSass before 3.6.3 

 

CVE Information:

CVE-2019-18799

Disclosure Timeline:
Published Date:11/6/2019