CVE-2019-18799

Publication date 6 November 2019

Last updated 24 July 2024

Ubuntu priority

Cvss 3 Severity Score

LibSass before 3.6.3 allows a NULL pointer dereference in Sass::Parser::parseCompoundSelector in parser_selectors.cpp.

Show unmaintained releases

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
libsass	Upstream: https://github.com/sass/libsass/pull/3027/commits/d2390e54c4f1ab5c33a0e35e7b9264b36284fa91 Upstream: https://github.com/sass/libsass/pull/3027/commits/994695c669085058c4a500f295a0531893eff77a Upstream: https://github.com/sass/libsass/pull/3027/commits/0b721e0f37fc69ab197ec956a923e036e3b05ca6