0.003 Low
EPSS
Percentile
70.9%
In LibSass prior to 3.5.5, the function handle_error in sass_context.cpp allows attackers to cause a denial-of-service resulting from a heap-based buffer over-read via a crafted sass file.
bugzilla.redhat.com/show_bug.cgi?id=1671386
www.cve.org/CVERecord?id=CVE-2018-19839 https://nvd.nist.gov/vuln/detail/CVE-2018-19839