diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2019-11-06 21:17:33 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2019-11-06 21:17:33 +0100 |
commit | 28b62232a434dbcc88b2d6bd785b4b036fa32ff8 (patch) | |
tree | f71d9413841de41ce396fb0fabfc910cde19c7fa | |
parent | 3caadd439be074f61f2ce3718f976f7f981403d4 (diff) |
Add CVE-2019-1879{7,8,9}/libsass
-rw-r--r-- | data/CVE/2019.list | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/data/CVE/2019.list b/data/CVE/2019.list index fa0ddeaabb..91d92cce32 100644 --- a/data/CVE/2019.list +++ b/data/CVE/2019.list @@ -1,11 +1,14 @@ CVE-2019-18800 (Viber through 11.7.0.5 allows a remote attacker who can capture a vict ...) TODO: check CVE-2019-18799 (LibSass before 3.6.3 allows a NULL pointer dereference in Sass::Parser ...) - TODO: check + - libsass <unfixed> + NOTE: https://github.com/sass/libsass/issues/3001 CVE-2019-18798 (LibSass before 3.6.3 allows a heap-based buffer over-read in Sass::wea ...) - TODO: check + - libsass <unfixed> + NOTE: https://github.com/sass/libsass/issues/2999 CVE-2019-18797 (LibSass 3.6.1 has uncontrolled recursion in Sass::Eval::operator()(Sas ...) - TODO: check + - libsass <unfixed> + NOTE: https://github.com/sass/libsass/issues/3000 CVE-2019-18796 RESERVED CVE-2019-18795 |