Vulnerabilities > Sass Lang > Libsass > 3.6.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-06 | CVE-2019-18799 | NULL Pointer Dereference vulnerability in Sass-Lang Libsass LibSass before 3.6.3 allows a NULL pointer dereference in Sass::Parser::parseCompoundSelector in parser_selectors.cpp. | 6.5 |
| 2019-11-06 | CVE-2019-18798 | Out-of-bounds Read vulnerability in Sass-Lang Libsass LibSass before 3.6.3 allows a heap-based buffer over-read in Sass::weaveParents in ast_sel_weave.cpp. | 6.5 |