diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2019-11-06 21:17:33 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2019-11-06 21:17:33 +0100 |
commit | e130c0ce3842f709abd8c5ad95f8369525cd81fd (patch) | |
tree | 6a41736a74424027b52009f8af8de40880da5aba | |
parent | cf2585062ff2a934362d783a7d8323738427beb3 (diff) |
Add CVE-2019-1879{7,8,9}/libsass
-rw-r--r-- | data/CVE/list | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/data/CVE/list b/data/CVE/list index 37e0216136..cb391dccec 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -1,11 +1,14 @@ CVE-2019-18800 (Viber through 11.7.0.5 allows a remote attacker who can capture a vict ...) TODO: check CVE-2019-18799 (LibSass before 3.6.3 allows a NULL pointer dereference in Sass::Parser ...) - TODO: check + - libsass <unfixed> + NOTE: https://github.com/sass/libsass/issues/3001 CVE-2019-18798 (LibSass before 3.6.3 allows a heap-based buffer over-read in Sass::wea ...) - TODO: check + - libsass <unfixed> + NOTE: https://github.com/sass/libsass/issues/2999 CVE-2019-18797 (LibSass 3.6.1 has uncontrolled recursion in Sass::Eval::operator()(Sas ...) - TODO: check + - libsass <unfixed> + NOTE: https://github.com/sass/libsass/issues/3000 CVE-2019-18796 RESERVED CVE-2019-18795 |