In LibSass 3.5.5, a use-after-free vulnerability exists in the SharedPtr class in SharedPtr.cpp (or SharedPtr.hpp) that may cause a denial of service (application crash) or possibly have unspecified other impact.
An issue was discovered in LibSass through 3.5.4. A NULL pointer dereference was found in the function Sass::Functions::selector_append which could be leveraged by an attacker to cause a denial of service (application crash) or possibly have unspecified other impact.
An issue was discovered in LibSass through 3.5.4. An out-of-bounds read of a memory region was found in the function Sass::handle_error which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service.
The trim-newlines package before 3.0.1 and 4.x before 4.0.1 for Node.js has an issue related to regular expression denial-of-service (ReDoS) for the .end() method.
In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::skip_over_scopes in prelexer.hpp when called from Sass::Parser::parse_import(), a similar issue to CVE-2018-11693.
The parsing component in LibSass through 3.5.5 allows attackers to cause a denial-of-service (uncontrolled recursion in Sass::Parser::parse_css_variable_value in parser.cpp).
In LibSass 3.5.5, a NULL Pointer Dereference in the function Sass::Eval::operator()(Sass::Supports_Operator*) in eval.cpp may cause a Denial of Service (application crash) via a crafted sass input file.
In LibSass prior to 3.5.5, the function handle_error in sass_context.cpp allows attackers to cause a denial-of-service resulting from a heap-based buffer over-read via a crafted sass file.
In LibSass prior to 3.5.5, functions inside ast.cpp for IMPLEMENT_AST_OPERATORS expansion allow attackers to cause a denial-of-service resulting from stack consumption via a crafted sass file, as demonstrated by recursive calls involving clone(), cloneChildren(), and copy().
In LibSass 3.5.5, a NULL Pointer Dereference in the function Sass::Selector_List::populate_extends in SharedPtr.hpp (used by ast.cpp and ast_selectors.cpp) may cause a Denial of Service (application crash) via a crafted sass input file.
Certificate validation in node-sass 2.0.0 to 4.14.1 is disabled when requesting binaries even if the user is not specifying an alternative download path.
Wrapper around libsass
Library home page: https://registry.npmjs.org/node-sass/-/node-sass-4.14.1.tgz
Found in HEAD commit: d3aa03c77002ed1f61a679726c02bc0494d073c2
Vulnerabilities
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
Details
CVE-2018-19827
### Vulnerable Library - node-sass-4.14.1.tgzWrapper around libsass
Library home page: https://registry.npmjs.org/node-sass/-/node-sass-4.14.1.tgz
Dependency Hierarchy: - :x: **node-sass-4.14.1.tgz** (Vulnerable Library)
Found in HEAD commit: d3aa03c77002ed1f61a679726c02bc0494d073c2
Found in base branch: main
### Vulnerability DetailsIn LibSass 3.5.5, a use-after-free vulnerability exists in the SharedPtr class in SharedPtr.cpp (or SharedPtr.hpp) that may cause a denial of service (application crash) or possibly have unspecified other impact.
Publish Date: 2018-12-03
URL: CVE-2018-19827
### CVSS 3 Score Details (8.8)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: Required - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Release Date: 2018-12-03
Fix Resolution: 5.0.0
CVE-2018-11694
### Vulnerable Library - node-sass-4.14.1.tgzWrapper around libsass
Library home page: https://registry.npmjs.org/node-sass/-/node-sass-4.14.1.tgz
Dependency Hierarchy: - :x: **node-sass-4.14.1.tgz** (Vulnerable Library)
Found in HEAD commit: d3aa03c77002ed1f61a679726c02bc0494d073c2
Found in base branch: main
### Vulnerability DetailsAn issue was discovered in LibSass through 3.5.4. A NULL pointer dereference was found in the function Sass::Functions::selector_append which could be leveraged by an attacker to cause a denial of service (application crash) or possibly have unspecified other impact.
Publish Date: 2018-06-04
URL: CVE-2018-11694
### CVSS 3 Score Details (8.8)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: Required - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11694
Release Date: 2018-06-04
Fix Resolution: 5.0.0
CVE-2018-11698
### Vulnerable Library - node-sass-4.14.1.tgzWrapper around libsass
Library home page: https://registry.npmjs.org/node-sass/-/node-sass-4.14.1.tgz
Dependency Hierarchy: - :x: **node-sass-4.14.1.tgz** (Vulnerable Library)
Found in HEAD commit: d3aa03c77002ed1f61a679726c02bc0494d073c2
Found in base branch: main
### Vulnerability DetailsAn issue was discovered in LibSass through 3.5.4. An out-of-bounds read of a memory region was found in the function Sass::handle_error which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service.
Publish Date: 2018-06-04
URL: CVE-2018-11698
### CVSS 3 Score Details (8.1)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: Required - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: None - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-11698
Release Date: 2018-06-04
Fix Resolution: 5.0.0
CVE-2021-33623
### Vulnerable Library - trim-newlines-1.0.0.tgzTrim newlines from the start and/or end of a string
Library home page: https://registry.npmjs.org/trim-newlines/-/trim-newlines-1.0.0.tgz
Dependency Hierarchy: - node-sass-4.14.1.tgz (Root Library) - meow-3.7.0.tgz - :x: **trim-newlines-1.0.0.tgz** (Vulnerable Library)
Found in HEAD commit: d3aa03c77002ed1f61a679726c02bc0494d073c2
Found in base branch: main
### Vulnerability DetailsThe trim-newlines package before 3.0.1 and 4.x before 4.0.1 for Node.js has an issue related to regular expression denial-of-service (ReDoS) for the .end() method.
Publish Date: 2021-05-28
URL: CVE-2021-33623
### CVSS 3 Score Details (7.5)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33623
Release Date: 2021-05-28
Fix Resolution (trim-newlines): 3.0.1
Direct dependency fix Resolution (node-sass): 6.0.1
CVE-2019-6284
### Vulnerable Library - node-sass-4.14.1.tgzWrapper around libsass
Library home page: https://registry.npmjs.org/node-sass/-/node-sass-4.14.1.tgz
Dependency Hierarchy: - :x: **node-sass-4.14.1.tgz** (Vulnerable Library)
Found in HEAD commit: d3aa03c77002ed1f61a679726c02bc0494d073c2
Found in base branch: main
### Vulnerability DetailsIn LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::alternatives in prelexer.hpp.
Publish Date: 2019-01-14
URL: CVE-2019-6284
### CVSS 3 Score Details (6.5)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: Required - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6284
Release Date: 2020-08-24
Fix Resolution: 5.0.0
CVE-2019-6286
### Vulnerable Library - node-sass-4.14.1.tgzWrapper around libsass
Library home page: https://registry.npmjs.org/node-sass/-/node-sass-4.14.1.tgz
Dependency Hierarchy: - :x: **node-sass-4.14.1.tgz** (Vulnerable Library)
Found in HEAD commit: d3aa03c77002ed1f61a679726c02bc0494d073c2
Found in base branch: main
### Vulnerability DetailsIn LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::skip_over_scopes in prelexer.hpp when called from Sass::Parser::parse_import(), a similar issue to CVE-2018-11693.
Publish Date: 2019-01-14
URL: CVE-2019-6286
### CVSS 3 Score Details (6.5)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: Required - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6286
Release Date: 2019-07-23
Fix Resolution: 5.0.0
CVE-2018-20821
### Vulnerable Library - node-sass-4.14.1.tgzWrapper around libsass
Library home page: https://registry.npmjs.org/node-sass/-/node-sass-4.14.1.tgz
Dependency Hierarchy: - :x: **node-sass-4.14.1.tgz** (Vulnerable Library)
Found in HEAD commit: d3aa03c77002ed1f61a679726c02bc0494d073c2
Found in base branch: main
### Vulnerability DetailsThe parsing component in LibSass through 3.5.5 allows attackers to cause a denial-of-service (uncontrolled recursion in Sass::Parser::parse_css_variable_value in parser.cpp).
Publish Date: 2019-04-23
URL: CVE-2018-20821
### CVSS 3 Score Details (6.5)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: Required - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20821
Release Date: 2019-04-23
Fix Resolution: 5.0.0
CVE-2019-6283
### Vulnerable Library - node-sass-4.14.1.tgzWrapper around libsass
Library home page: https://registry.npmjs.org/node-sass/-/node-sass-4.14.1.tgz
Dependency Hierarchy: - :x: **node-sass-4.14.1.tgz** (Vulnerable Library)
Found in HEAD commit: d3aa03c77002ed1f61a679726c02bc0494d073c2
Found in base branch: main
### Vulnerability DetailsIn LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::parenthese_scope in prelexer.hpp.
Publish Date: 2019-01-14
URL: CVE-2019-6283
### CVSS 3 Score Details (6.5)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: Required - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6284
Release Date: 2020-08-24
Fix Resolution: 5.0.0
CVE-2018-20190
### Vulnerable Library - node-sass-4.14.1.tgzWrapper around libsass
Library home page: https://registry.npmjs.org/node-sass/-/node-sass-4.14.1.tgz
Dependency Hierarchy: - :x: **node-sass-4.14.1.tgz** (Vulnerable Library)
Found in HEAD commit: d3aa03c77002ed1f61a679726c02bc0494d073c2
Found in base branch: main
### Vulnerability DetailsIn LibSass 3.5.5, a NULL Pointer Dereference in the function Sass::Eval::operator()(Sass::Supports_Operator*) in eval.cpp may cause a Denial of Service (application crash) via a crafted sass input file.
Publish Date: 2018-12-17
URL: CVE-2018-20190
### CVSS 3 Score Details (6.5)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: Required - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20190
Release Date: 2018-12-17
Fix Resolution: 5.0.0
CVE-2018-19839
### Vulnerable Library - node-sass-4.14.1.tgzWrapper around libsass
Library home page: https://registry.npmjs.org/node-sass/-/node-sass-4.14.1.tgz
Dependency Hierarchy: - :x: **node-sass-4.14.1.tgz** (Vulnerable Library)
Found in HEAD commit: d3aa03c77002ed1f61a679726c02bc0494d073c2
Found in base branch: main
### Vulnerability DetailsIn LibSass prior to 3.5.5, the function handle_error in sass_context.cpp allows attackers to cause a denial-of-service resulting from a heap-based buffer over-read via a crafted sass file.
Publish Date: 2018-12-04
URL: CVE-2018-19839
### CVSS 3 Score Details (6.5)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: Required - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19839
Release Date: 2018-12-04
Fix Resolution: 5.0.0
CVE-2018-19838
### Vulnerable Library - node-sass-4.14.1.tgzWrapper around libsass
Library home page: https://registry.npmjs.org/node-sass/-/node-sass-4.14.1.tgz
Dependency Hierarchy: - :x: **node-sass-4.14.1.tgz** (Vulnerable Library)
Found in HEAD commit: d3aa03c77002ed1f61a679726c02bc0494d073c2
Found in base branch: main
### Vulnerability DetailsIn LibSass prior to 3.5.5, functions inside ast.cpp for IMPLEMENT_AST_OPERATORS expansion allow attackers to cause a denial-of-service resulting from stack consumption via a crafted sass file, as demonstrated by recursive calls involving clone(), cloneChildren(), and copy().
Publish Date: 2018-12-04
URL: CVE-2018-19838
### CVSS 3 Score Details (6.5)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: Required - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Release Date: 2018-12-04
Fix Resolution: 5.0.0
CVE-2018-19797
### Vulnerable Library - node-sass-4.14.1.tgzWrapper around libsass
Library home page: https://registry.npmjs.org/node-sass/-/node-sass-4.14.1.tgz
Dependency Hierarchy: - :x: **node-sass-4.14.1.tgz** (Vulnerable Library)
Found in HEAD commit: d3aa03c77002ed1f61a679726c02bc0494d073c2
Found in base branch: main
### Vulnerability DetailsIn LibSass 3.5.5, a NULL Pointer Dereference in the function Sass::Selector_List::populate_extends in SharedPtr.hpp (used by ast.cpp and ast_selectors.cpp) may cause a Denial of Service (application crash) via a crafted sass input file.
Publish Date: 2018-12-03
URL: CVE-2018-19797
### CVSS 3 Score Details (6.5)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: Required - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19797
Release Date: 2018-12-03
Fix Resolution: 5.0.0
CVE-2020-24025
### Vulnerable Library - node-sass-4.14.1.tgzWrapper around libsass
Library home page: https://registry.npmjs.org/node-sass/-/node-sass-4.14.1.tgz
Dependency Hierarchy: - :x: **node-sass-4.14.1.tgz** (Vulnerable Library)
Found in HEAD commit: d3aa03c77002ed1f61a679726c02bc0494d073c2
Found in base branch: main
### Vulnerability DetailsCertificate validation in node-sass 2.0.0 to 4.14.1 is disabled when requesting binaries even if the user is not specifying an alternative download path.
Publish Date: 2021-01-11
URL: CVE-2020-24025
### CVSS 3 Score Details (5.3)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: Low - Availability Impact: None
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2020-24025
Release Date: 2021-01-11
Fix Resolution: 5.0.0