CVE-2017-11608

Source
Severity High
Remote Yes
Type Denial of service
Description
There is a heap-based buffer over-read in the Sass::Prelexer::re_linebreak function in lexer.cpp in LibSass 3.4.5. A crafted input will lead to a remote denial of service attack
Group Package Affected Fixed Severity Status Ticket
AVG-359 libsass 3.4.9-1 3.5.4-1 High Fixed
References
https://bugzilla.redhat.com/show_bug.cgi?id=1474276