EPSS
Percentile
68.5%
libsass.so is vulnerable to denial of service (DoS). Failure to validate empty reference combinators in Inspect::operator() causes an invalid memory reference, resulting in an application crash.
Inspect::operator()
lists.opensuse.org/opensuse-security-announce/2019-07/msg00047.html
lists.opensuse.org/opensuse-security-announce/2019-07/msg00051.html
lists.opensuse.org/opensuse-security-announce/2019-08/msg00027.html
bugzilla.redhat.com/show_bug.cgi?id=1706031
github.com/sass/libsass/issues/2671