| Bug | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|
| CVE-2022-43358 | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | Stack overflow vulnerability in ast_selectors.cpp: in function Sass::C ... |
| CVE-2022-43357 | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | Stack overflow vulnerability in ast_selectors.cpp in function Sass::Co ... |
| CVE-2022-26592 | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | Stack Overflow vulnerability in libsass 3.6.5 via the CompoundSelector ... |
| CVE-2019-18799 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | LibSass before 3.6.3 allows a NULL pointer dereference in Sass::Parser ... |
| CVE-2019-18798 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | LibSass before 3.6.3 allows a heap-based buffer over-read in Sass::wea ... |
| CVE-2019-6286 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelex ... |
| CVE-2019-6284 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelex ... |
| CVE-2019-6283 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelex ... |
| CVE-2018-20822 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | LibSass 3.5.4 allows attackers to cause a denial-of-service (uncontrol ... |
| CVE-2018-20821 | fixed | vulnerable (no DSA) | fixed | fixed | fixed | fixed | The parsing component in LibSass through 3.5.5 allows attackers to cau ... |
| CVE-2018-20190 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | In LibSass 3.5.5, a NULL Pointer Dereference in the function Sass::Eva ... |
| CVE-2018-19839 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | In LibSass prior to 3.5.5, the function handle_error in sass_context.c ... |
| CVE-2018-19838 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | In LibSass prior to 3.5.5, functions inside ast.cpp for IMPLEMENT_AST_ ... |
| CVE-2018-19837 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | In LibSass prior to 3.5.5, Sass::Eval::operator()(Sass::Binary_Express ... |
| CVE-2018-19827 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | In LibSass 3.5.5, a use-after-free vulnerability exists in the SharedP ... |
| CVE-2018-19797 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | In LibSass 3.5.5, a NULL Pointer Dereference in the function Sass::Sel ... |
| CVE-2018-11698 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | An issue was discovered in LibSass through 3.5.4. An out-of-bounds rea ... |
| CVE-2018-11697 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | An issue was discovered in LibSass through 3.5.4. An out-of-bounds rea ... |
| CVE-2018-11696 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | An issue was discovered in LibSass through 3.5.4. A NULL pointer deref ... |
| CVE-2018-11695 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | An issue was discovered in LibSass <3.5.3. A NULL pointer dereference ... |
| CVE-2018-11694 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | An issue was discovered in LibSass through 3.5.4. A NULL pointer deref ... |
| CVE-2018-11693 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | An issue was discovered in LibSass through 3.5.4. An out-of-bounds rea ... |
| CVE-2017-11608 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | There is a heap-based buffer over-read in the Sass::Prelexer::re_lineb ... |
| CVE-2017-11556 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | There is a stack consumption vulnerability in the Parser::advanceToNex ... |
| CVE-2017-11555 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | There is an illegal address access in the Eval::operator function in e ... |
| CVE-2017-11554 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | There is a stack consumption vulnerability in the lex function in pars ... |