EPSS
Percentile
59.9%
libsass.so is vulnerable to buffer over-read vulnerability. When an attacker passes a malicious argument, it causes a parse error in parse_ie_keyword_arg, leading to the argument kwd_arg to be unfreed and a buffer over-read.
parse_ie_keyword_arg
kwd_arg
bugzilla.redhat.com/show_bug.cgi?id=1588663
github.com/sass/libsass/commit/eb15533b07773c30dc03c9d742865604f47120ef
github.com/sass/libsass/issues/2656