CVE-2017-11554

Source
Severity Medium
Remote Yes
Type Denial of service
Description
There is a stack consumption vulnerability in the lex function in parser.hpp (as used in sassc) in LibSass 3.4.5. A crafted input will lead to a remote denial of service.
Group Package Affected Fixed Severity Status Ticket
AVG-359 libsass 3.4.9-1 3.5.4-1 High Fixed
References
https://bugzilla.redhat.com/show_bug.cgi?id=1471780
https://github.com/sass/libsass/issues/2445