OSV-2020-734

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libsass/OSV-2020-734.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2020-734
Published
2020-07-01T00:00:27.416077Z
Modified
2022-04-13T03:04:38.482266Z
Summary
Heap-buffer-overflow in Sass::Prelexer::quoted_string
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15890

Crash type: Heap-buffer-overflow READ 1
Crash state:
Sass::Prelexer::quoted_string
char const* Sass::Parser::lex<&
Sass::Parser::parse_value_schema
References

Affected packages

OSS-Fuzz / libsass

Package

Name
libsass
Purl
pkg:generic/libsass

Affected ranges

Type
GIT
Repo
https://github.com/sass/libsass.git
Events
Introduced
8e681e20795ee1cf203ff7002367c29735addf67
Fixed
7a21c79e321927363a153dc5d7e9c492365faf9b

Affected versions

3.*

3.6.0
3.6.1
3.6.2
3.6.3

Ecosystem specific 

{
    "severity": "MEDIUM"
}