2017-07-16 04:00:00
mitre
PUBLISHED
There is a heap based buffer over-read in lexer.hpp of LibSass 3.4.5. A crafted input will lead to a remote denial of service attack.