CVE-2022-43357 Information

Description

Stack overflow vulnerability in ast_selectors.cpp in function Sass::CompoundSelector::has_real_parent_ref in libsass:3.6.5-8-g210218 which can be exploited by attackers to causea denial of service (DoS). Also affects the command line driver for libsass sassc 3.6.2.

Reference

https://github.com/sass/libsass/issues/3177 https://github.com/sass/libsass https://drive.google.com/file/d/1aC5q3czen0atI91fuBIoCBFkS30_OSWX/