react-boilerplate-basic's People
react-boilerplate-basic's Issues
CVE-2018-19838 (Medium) detected in node-sass-v4.12.0
CVE-2018-19838 - Medium Severity Vulnerability
Vulnerable Library - node-sassv4.12.0
๐ Node.js bindings to libsass
Library home page: https://github.com/sass/node-sass.git
Found in HEAD commit: 62e310f1c632424d388deea457c280201be98aa6
Library Source Files (125)
* The source files were matched to this source library based on a best effort match. Source libraries are selected from a list of probable public libraries.
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/expand.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/color_maps.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_util.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8/unchecked.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/output.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_values.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/util.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/emitter.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/lexer.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_node.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/plugins.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/base.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/position.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/subset_map.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/operation.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/remove_placeholders.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/error_handling.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/custom_importer_bridge.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/contrib/plugin.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/functions.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_superselector.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/eval.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8_string.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_context_wrapper.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/error_handling.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/node.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/parser.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/subset_map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/emitter.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/listize.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_functions.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/memory/SharedPtr.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/output.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/check_nesting.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast_def_macros.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/functions.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/cssize.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/prelexer.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/paths.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast_fwd_decl.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/inspect.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/color.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_unification.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/values.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_util.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/source_map.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/list.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/check_nesting.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/json.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/units.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/units.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/context.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8/checked.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/listize.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/string.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/prelexer.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/context.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/boolean.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass2scss.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/eval.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/expand.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/factory.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/operators.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/boolean.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/source_map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/value.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8_string.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/callback_bridge.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/file.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/node.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/environment.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/extend.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_context.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/operators.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/constants.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast_fwd_decl.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/parser.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/constants.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/list.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/cssize.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/functions.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/util.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/custom_function_bridge.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/custom_importer_bridge.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/bind.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/inspect.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_functions.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/backtrace.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/extend.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/sass_value_wrapper.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/debugger.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/cencode.c
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/base64vlq.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/number.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/color.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/c99func.c
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/position.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/remove_placeholders.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_values.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/values.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_subset_map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass2scss.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/null.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/context.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_c.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_value.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/color_maps.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_context_wrapper.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/script/test-leaks.pl
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/lexer.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/memory/SharedPtr.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_c.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_value.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/b64/encode.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/file.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/environment.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/plugins.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/binding.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_context.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/debug.hpp
Vulnerability Details
In LibSass prior to 3.5.5, functions inside ast.cpp for IMPLEMENT_AST_OPERATORS expansion allow attackers to cause a denial-of-service resulting from stack consumption via a crafted sass file, as demonstrated by recursive calls involving clone(), cloneChildren(), and copy().
Publish Date: 2018-12-04
URL: CVE-2018-19838
CVSS 3 Score Details (6.5)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: None
- Integrity Impact: None
- Availability Impact: High
Suggested Fix
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19838
Fix Resolution: 3.5.5
Step up your Open Source Security Game with WhiteSource here
CVE-2018-11694 (High) detected in node-sass-v4.12.0
CVE-2018-11694 - High Severity Vulnerability
Vulnerable Library - node-sassv4.12.0
๐ Node.js bindings to libsass
Library home page: https://github.com/sass/node-sass.git
Found in HEAD commit: 62e310f1c632424d388deea457c280201be98aa6
Library Source Files (125)
* The source files were matched to this source library based on a best effort match. Source libraries are selected from a list of probable public libraries.
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/expand.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/color_maps.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_util.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8/unchecked.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/output.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_values.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/util.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/emitter.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/lexer.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_node.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/plugins.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/base.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/position.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/subset_map.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/operation.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/remove_placeholders.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/error_handling.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/custom_importer_bridge.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/contrib/plugin.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/functions.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_superselector.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/eval.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8_string.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_context_wrapper.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/error_handling.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/node.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/parser.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/subset_map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/emitter.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/listize.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_functions.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/memory/SharedPtr.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/output.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/check_nesting.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast_def_macros.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/functions.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/cssize.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/prelexer.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/paths.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast_fwd_decl.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/inspect.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/color.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_unification.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/values.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_util.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/source_map.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/list.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/check_nesting.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/json.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/units.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/units.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/context.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8/checked.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/listize.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/string.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/prelexer.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/context.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/boolean.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass2scss.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/eval.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/expand.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/factory.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/operators.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/boolean.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/source_map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/value.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8_string.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/callback_bridge.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/file.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/node.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/environment.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/extend.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_context.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/operators.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/constants.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast_fwd_decl.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/parser.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/constants.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/list.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/cssize.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/functions.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/util.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/custom_function_bridge.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/custom_importer_bridge.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/bind.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/inspect.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_functions.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/backtrace.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/extend.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/sass_value_wrapper.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/debugger.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/cencode.c
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/base64vlq.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/number.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/color.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/c99func.c
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/position.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/remove_placeholders.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_values.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/values.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_subset_map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass2scss.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/null.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/context.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_c.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_value.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/color_maps.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_context_wrapper.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/script/test-leaks.pl
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/lexer.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/memory/SharedPtr.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_c.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_value.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/b64/encode.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/file.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/environment.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/plugins.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/binding.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_context.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/debug.hpp
Vulnerability Details
An issue was discovered in LibSass through 3.5.4. A NULL pointer dereference was found in the function Sass::Functions::selector_append which could be leveraged by an attacker to cause a denial of service (application crash) or possibly have unspecified other impact.
Publish Date: 2018-06-04
URL: CVE-2018-11694
CVSS 3 Score Details (8.8)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: High
- Integrity Impact: High
- Availability Impact: High
Step up your Open Source Security Game with WhiteSource here
CVE-2018-11693 (High) detected in node-sass-v4.12.0
CVE-2018-11693 - High Severity Vulnerability
Vulnerable Library - node-sassv4.12.0
๐ Node.js bindings to libsass
Library home page: https://github.com/sass/node-sass.git
Found in HEAD commit: 62e310f1c632424d388deea457c280201be98aa6
Library Source Files (125)
* The source files were matched to this source library based on a best effort match. Source libraries are selected from a list of probable public libraries.
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/expand.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/color_maps.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_util.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8/unchecked.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/output.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_values.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/util.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/emitter.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/lexer.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_node.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/plugins.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/base.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/position.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/subset_map.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/operation.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/remove_placeholders.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/error_handling.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/custom_importer_bridge.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/contrib/plugin.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/functions.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_superselector.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/eval.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8_string.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_context_wrapper.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/error_handling.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/node.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/parser.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/subset_map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/emitter.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/listize.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_functions.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/memory/SharedPtr.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/output.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/check_nesting.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast_def_macros.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/functions.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/cssize.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/prelexer.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/paths.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast_fwd_decl.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/inspect.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/color.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_unification.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/values.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_util.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/source_map.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/list.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/check_nesting.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/json.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/units.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/units.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/context.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8/checked.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/listize.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/string.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/prelexer.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/context.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/boolean.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass2scss.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/eval.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/expand.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/factory.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/operators.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/boolean.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/source_map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/value.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8_string.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/callback_bridge.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/file.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/node.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/environment.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/extend.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_context.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/operators.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/constants.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast_fwd_decl.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/parser.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/constants.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/list.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/cssize.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/functions.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/util.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/custom_function_bridge.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/custom_importer_bridge.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/bind.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/inspect.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_functions.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/backtrace.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/extend.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/sass_value_wrapper.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/debugger.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/cencode.c
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/base64vlq.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/number.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/color.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/c99func.c
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/position.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/remove_placeholders.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_values.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/values.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_subset_map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass2scss.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/null.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/context.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_c.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_value.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/color_maps.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_context_wrapper.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/script/test-leaks.pl
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/lexer.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/memory/SharedPtr.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_c.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_value.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/b64/encode.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/file.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/environment.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/plugins.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/binding.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_context.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/debug.hpp
Vulnerability Details
An issue was discovered in LibSass through 3.5.4. An out-of-bounds read of a memory region was found in the function Sass::Prelexer::skip_over_scopes which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service.
Publish Date: 2018-06-04
URL: CVE-2018-11693
CVSS 3 Score Details (8.1)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: High
- Integrity Impact: None
- Availability Impact: High
Step up your Open Source Security Game with WhiteSource here
CVE-2018-11499 (High) detected in node-sass-v4.12.0
CVE-2018-11499 - High Severity Vulnerability
Vulnerable Library - node-sassv4.12.0
๐ Node.js bindings to libsass
Library home page: https://github.com/sass/node-sass.git
Found in HEAD commit: 62e310f1c632424d388deea457c280201be98aa6
Library Source Files (125)
* The source files were matched to this source library based on a best effort match. Source libraries are selected from a list of probable public libraries.
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/expand.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/color_maps.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_util.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8/unchecked.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/output.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_values.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/util.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/emitter.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/lexer.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_node.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/plugins.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/base.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/position.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/subset_map.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/operation.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/remove_placeholders.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/error_handling.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/custom_importer_bridge.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/contrib/plugin.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/functions.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_superselector.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/eval.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8_string.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_context_wrapper.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/error_handling.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/node.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/parser.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/subset_map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/emitter.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/listize.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_functions.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/memory/SharedPtr.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/output.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/check_nesting.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast_def_macros.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/functions.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/cssize.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/prelexer.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/paths.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast_fwd_decl.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/inspect.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/color.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_unification.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/values.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_util.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/source_map.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/list.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/check_nesting.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/json.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/units.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/units.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/context.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8/checked.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/listize.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/string.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/prelexer.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/context.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/boolean.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass2scss.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/eval.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/expand.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/factory.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/operators.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/boolean.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/source_map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/value.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8_string.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/callback_bridge.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/file.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/node.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/environment.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/extend.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_context.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/operators.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/constants.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast_fwd_decl.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/parser.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/constants.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/list.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/cssize.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/functions.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/util.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/custom_function_bridge.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/custom_importer_bridge.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/bind.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/inspect.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_functions.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/backtrace.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/extend.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/sass_value_wrapper.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/debugger.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/cencode.c
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/base64vlq.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/number.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/color.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/c99func.c
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/position.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/remove_placeholders.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_values.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/values.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_subset_map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass2scss.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/null.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/context.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_c.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_value.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/color_maps.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_context_wrapper.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/script/test-leaks.pl
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/lexer.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/memory/SharedPtr.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_c.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_value.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/b64/encode.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/file.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/environment.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/plugins.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/binding.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_context.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/debug.hpp
Vulnerability Details
A use-after-free vulnerability exists in handle_error() in sass_context.cpp in LibSass 3.4.x and 3.5.x through 3.5.4 that could be leveraged to cause a denial of service (application crash) or possibly unspecified other impact.
Publish Date: 2018-05-26
URL: CVE-2018-11499
CVSS 3 Score Details (9.8)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: High
- Integrity Impact: High
- Availability Impact: High
Step up your Open Source Security Game with WhiteSource here
CVE-2018-20190 (Medium) detected in node-sass-v4.12.0
CVE-2018-20190 - Medium Severity Vulnerability
Vulnerable Library - node-sassv4.12.0
๐ Node.js bindings to libsass
Library home page: https://github.com/sass/node-sass.git
Found in HEAD commit: 62e310f1c632424d388deea457c280201be98aa6
Library Source Files (125)
* The source files were matched to this source library based on a best effort match. Source libraries are selected from a list of probable public libraries.
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/expand.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/color_maps.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_util.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8/unchecked.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/output.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_values.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/util.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/emitter.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/lexer.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_node.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/plugins.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/base.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/position.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/subset_map.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/operation.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/remove_placeholders.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/error_handling.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/custom_importer_bridge.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/contrib/plugin.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/functions.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_superselector.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/eval.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8_string.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_context_wrapper.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/error_handling.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/node.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/parser.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/subset_map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/emitter.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/listize.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_functions.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/memory/SharedPtr.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/output.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/check_nesting.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast_def_macros.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/functions.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/cssize.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/prelexer.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/paths.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast_fwd_decl.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/inspect.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/color.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_unification.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/values.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_util.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/source_map.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/list.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/check_nesting.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/json.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/units.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/units.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/context.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8/checked.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/listize.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/string.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/prelexer.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/context.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/boolean.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass2scss.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/eval.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/expand.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/factory.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/operators.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/boolean.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/source_map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/value.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8_string.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/callback_bridge.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/file.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/node.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/environment.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/extend.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_context.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/operators.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/constants.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast_fwd_decl.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/parser.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/constants.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/list.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/cssize.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/functions.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/util.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/custom_function_bridge.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/custom_importer_bridge.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/bind.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/inspect.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_functions.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/backtrace.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/extend.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/sass_value_wrapper.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/debugger.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/cencode.c
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/base64vlq.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/number.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/color.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/c99func.c
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/position.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/remove_placeholders.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_values.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/values.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_subset_map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass2scss.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/null.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/context.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_c.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_value.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/color_maps.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_context_wrapper.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/script/test-leaks.pl
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/lexer.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/memory/SharedPtr.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_c.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_value.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/b64/encode.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/file.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/environment.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/plugins.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/binding.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_context.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/debug.hpp
Vulnerability Details
In LibSass 3.5.5, a NULL Pointer Dereference in the function Sass::Eval::operator()(Sass::Supports_Operator*) in eval.cpp may cause a Denial of Service (application crash) via a crafted sass input file.
Publish Date: 2018-12-17
URL: CVE-2018-20190
CVSS 3 Score Details (6.5)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: None
- Integrity Impact: None
- Availability Impact: High
Step up your Open Source Security Game with WhiteSource here
CVE-2018-19797 (Medium) detected in node-sass-v4.12.0
CVE-2018-19797 - Medium Severity Vulnerability
Vulnerable Library - node-sassv4.12.0
๐ Node.js bindings to libsass
Library home page: https://github.com/sass/node-sass.git
Found in HEAD commit: 62e310f1c632424d388deea457c280201be98aa6
Library Source Files (125)
* The source files were matched to this source library based on a best effort match. Source libraries are selected from a list of probable public libraries.
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/expand.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/color_maps.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_util.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8/unchecked.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/output.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_values.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/util.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/emitter.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/lexer.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_node.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/plugins.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/base.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/position.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/subset_map.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/operation.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/remove_placeholders.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/error_handling.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/custom_importer_bridge.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/contrib/plugin.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/functions.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_superselector.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/eval.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8_string.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_context_wrapper.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/error_handling.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/node.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/parser.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/subset_map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/emitter.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/listize.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_functions.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/memory/SharedPtr.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/output.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/check_nesting.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast_def_macros.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/functions.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/cssize.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/prelexer.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/paths.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast_fwd_decl.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/inspect.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/color.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_unification.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/values.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_util.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/source_map.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/list.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/check_nesting.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/json.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/units.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/units.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/context.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8/checked.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/listize.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/string.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/prelexer.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/context.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/boolean.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass2scss.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/eval.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/expand.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/factory.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/operators.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/boolean.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/source_map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/value.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8_string.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/callback_bridge.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/file.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/node.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/environment.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/extend.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_context.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/operators.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/constants.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast_fwd_decl.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/parser.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/constants.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/list.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/cssize.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/functions.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/util.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/custom_function_bridge.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/custom_importer_bridge.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/bind.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/inspect.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_functions.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/backtrace.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/extend.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/sass_value_wrapper.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/debugger.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/cencode.c
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/base64vlq.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/number.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/color.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/c99func.c
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/position.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/remove_placeholders.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_values.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/values.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_subset_map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass2scss.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/null.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/context.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_c.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_value.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/color_maps.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_context_wrapper.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/script/test-leaks.pl
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/lexer.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/memory/SharedPtr.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_c.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_value.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/b64/encode.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/file.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/environment.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/plugins.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/binding.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_context.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/debug.hpp
Vulnerability Details
In LibSass 3.5.5, a NULL Pointer Dereference in the function Sass::Selector_List::populate_extends in SharedPtr.hpp (used by ast.cpp and ast_selectors.cpp) may cause a Denial of Service (application crash) via a crafted sass input file.
Publish Date: 2018-12-03
URL: CVE-2018-19797
CVSS 3 Score Details (6.5)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: None
- Integrity Impact: None
- Availability Impact: High
Step up your Open Source Security Game with WhiteSource here
CVE-2018-19826 (Medium) detected in node-sass-v4.12.0
CVE-2018-19826 - Medium Severity Vulnerability
Vulnerable Library - node-sassv4.12.0
๐ Node.js bindings to libsass
Library home page: https://github.com/sass/node-sass.git
Found in HEAD commit: 62e310f1c632424d388deea457c280201be98aa6
Library Source Files (125)
* The source files were matched to this source library based on a best effort match. Source libraries are selected from a list of probable public libraries.
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/expand.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/color_maps.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_util.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8/unchecked.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/output.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_values.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/util.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/emitter.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/lexer.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_node.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/plugins.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/base.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/position.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/subset_map.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/operation.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/remove_placeholders.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/error_handling.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/custom_importer_bridge.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/contrib/plugin.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/functions.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_superselector.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/eval.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8_string.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_context_wrapper.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/error_handling.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/node.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/parser.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/subset_map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/emitter.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/listize.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_functions.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/memory/SharedPtr.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/output.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/check_nesting.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast_def_macros.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/functions.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/cssize.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/prelexer.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/paths.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast_fwd_decl.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/inspect.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/color.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_unification.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/values.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_util.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/source_map.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/list.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/check_nesting.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/json.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/units.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/units.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/context.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8/checked.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/listize.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/string.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/prelexer.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/context.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/boolean.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass2scss.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/eval.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/expand.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/factory.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/operators.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/boolean.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/source_map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/value.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8_string.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/callback_bridge.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/file.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/node.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/environment.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/extend.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_context.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/operators.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/constants.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast_fwd_decl.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/parser.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/constants.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/list.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/cssize.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/functions.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/util.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/custom_function_bridge.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/custom_importer_bridge.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/bind.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/inspect.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_functions.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/backtrace.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/extend.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/sass_value_wrapper.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/debugger.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/cencode.c
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/base64vlq.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/number.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/color.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/c99func.c
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/position.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/remove_placeholders.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_values.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/values.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_subset_map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass2scss.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/null.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/context.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_c.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_value.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/color_maps.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_context_wrapper.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/script/test-leaks.pl
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/lexer.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/memory/SharedPtr.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_c.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_value.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/b64/encode.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/file.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/environment.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/plugins.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/binding.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_context.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/debug.hpp
Vulnerability Details
** DISPUTED ** In inspect.cpp in LibSass 3.5.5, a high memory footprint caused by an endless loop (containing a Sass::Inspect::operator()(Sass::String_Quoted*) stack frame) may cause a Denial of Service via crafted sass input files with stray '&' or '/' characters. NOTE: Upstream comments indicate this issue is closed as "won't fix" and "works as intended" by design.
Publish Date: 2018-12-03
URL: CVE-2018-19826
CVSS 3 Score Details (6.5)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: None
- Integrity Impact: None
- Availability Impact: High
Step up your Open Source Security Game with WhiteSource here
CVE-2018-20822 (Medium) detected in node-sass-v4.12.0
CVE-2018-20822 - Medium Severity Vulnerability
Vulnerable Library - node-sassv4.12.0
๐ Node.js bindings to libsass
Library home page: https://github.com/sass/node-sass.git
Found in HEAD commit: 62e310f1c632424d388deea457c280201be98aa6
Library Source Files (125)
* The source files were matched to this source library based on a best effort match. Source libraries are selected from a list of probable public libraries.
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/expand.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/color_maps.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_util.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8/unchecked.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/output.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_values.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/util.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/emitter.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/lexer.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_node.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/plugins.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/base.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/position.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/subset_map.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/operation.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/remove_placeholders.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/error_handling.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/custom_importer_bridge.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/contrib/plugin.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/functions.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_superselector.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/eval.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8_string.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_context_wrapper.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/error_handling.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/node.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/parser.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/subset_map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/emitter.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/listize.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_functions.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/memory/SharedPtr.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/output.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/check_nesting.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast_def_macros.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/functions.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/cssize.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/prelexer.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/paths.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast_fwd_decl.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/inspect.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/color.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_unification.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/values.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_util.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/source_map.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/list.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/check_nesting.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/json.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/units.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/units.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/context.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8/checked.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/listize.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/string.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/prelexer.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/context.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/boolean.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass2scss.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/eval.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/expand.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/factory.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/operators.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/boolean.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/source_map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/value.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8_string.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/callback_bridge.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/file.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/node.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/environment.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/extend.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_context.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/operators.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/constants.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast_fwd_decl.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/parser.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/constants.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/list.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/cssize.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/functions.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/util.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/custom_function_bridge.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/custom_importer_bridge.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/bind.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/inspect.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_functions.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/backtrace.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/extend.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/sass_value_wrapper.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/debugger.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/cencode.c
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/base64vlq.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/number.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/color.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/c99func.c
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/position.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/remove_placeholders.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_values.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/values.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_subset_map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass2scss.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/null.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/context.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_c.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_value.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/color_maps.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_context_wrapper.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/script/test-leaks.pl
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/lexer.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/memory/SharedPtr.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_c.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_value.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/b64/encode.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/file.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/environment.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/plugins.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/binding.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_context.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/debug.hpp
Vulnerability Details
LibSass 3.5.4 allows attackers to cause a denial-of-service (uncontrolled recursion in Sass::Complex_Selector::perform in ast.hpp and Sass::Inspect::operator in inspect.cpp).
Publish Date: 2019-04-23
URL: CVE-2018-20822
CVSS 3 Score Details (6.5)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: None
- Integrity Impact: None
- Availability Impact: High
Step up your Open Source Security Game with WhiteSource here
WS-2019-0063 (High) detected in js-yaml-3.7.0.tgz
WS-2019-0063 - High Severity Vulnerability
Vulnerable Library - js-yaml-3.7.0.tgz
YAML 1.2 parser and serializer
Library home page: https://registry.npmjs.org/js-yaml/-/js-yaml-3.7.0.tgz
Path to dependency file: /react-boilerplate-basic/package.json
Path to vulnerable library: /tmp/git/react-boilerplate-basic/node_modules/js-yaml/package.json
Dependency Hierarchy:
- css-loader-0.28.11.tgz (Root Library)
- cssnano-3.10.0.tgz
- postcss-svgo-2.1.6.tgz
- svgo-0.7.2.tgz
- โ js-yaml-3.7.0.tgz (Vulnerable Library)
- svgo-0.7.2.tgz
- postcss-svgo-2.1.6.tgz
- cssnano-3.10.0.tgz
Found in HEAD commit: 62e310f1c632424d388deea457c280201be98aa6
Vulnerability Details
Js-yaml prior to 3.13.1 are vulnerable to Code Injection. The load() function may execute arbitrary code injected through a malicious YAML file.
Publish Date: 2019-04-30
URL: WS-2019-0063
Suggested Fix
Type: Upgrade version
Origin: https://www.npmjs.com/advisories/813
Release Date: 2019-04-30
Fix Resolution: 3.13.1
Step up your Open Source Security Game with WhiteSource here
CVE-2019-6283 (Medium) detected in node-sass-v4.12.0
CVE-2019-6283 - Medium Severity Vulnerability
Vulnerable Library - node-sassv4.12.0
๐ Node.js bindings to libsass
Library home page: https://github.com/sass/node-sass.git
Found in HEAD commit: 62e310f1c632424d388deea457c280201be98aa6
Library Source Files (125)
* The source files were matched to this source library based on a best effort match. Source libraries are selected from a list of probable public libraries.
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/expand.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/color_maps.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_util.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8/unchecked.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/output.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_values.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/util.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/emitter.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/lexer.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_node.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/plugins.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/base.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/position.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/subset_map.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/operation.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/remove_placeholders.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/error_handling.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/custom_importer_bridge.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/contrib/plugin.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/functions.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_superselector.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/eval.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8_string.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_context_wrapper.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/error_handling.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/node.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/parser.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/subset_map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/emitter.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/listize.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_functions.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/memory/SharedPtr.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/output.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/check_nesting.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast_def_macros.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/functions.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/cssize.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/prelexer.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/paths.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast_fwd_decl.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/inspect.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/color.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_unification.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/values.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_util.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/source_map.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/list.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/check_nesting.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/json.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/units.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/units.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/context.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8/checked.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/listize.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/string.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/prelexer.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/context.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/boolean.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass2scss.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/eval.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/expand.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/factory.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/operators.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/boolean.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/source_map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/value.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8_string.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/callback_bridge.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/file.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/node.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/environment.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/extend.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_context.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/operators.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/constants.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast_fwd_decl.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/parser.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/constants.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/list.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/cssize.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/functions.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/util.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/custom_function_bridge.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/custom_importer_bridge.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/bind.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/inspect.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_functions.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/backtrace.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/extend.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/sass_value_wrapper.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/debugger.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/cencode.c
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/base64vlq.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/number.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/color.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/c99func.c
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/position.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/remove_placeholders.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_values.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/values.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_subset_map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass2scss.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/null.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/context.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_c.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_value.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/color_maps.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_context_wrapper.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/script/test-leaks.pl
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/lexer.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/memory/SharedPtr.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_c.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_value.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/b64/encode.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/file.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/environment.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/plugins.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/binding.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_context.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/debug.hpp
Vulnerability Details
In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::parenthese_scope in prelexer.hpp.
Publish Date: 2019-01-14
URL: CVE-2019-6283
CVSS 3 Score Details (6.5)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: None
- Integrity Impact: None
- Availability Impact: High
Step up your Open Source Security Game with WhiteSource here
WS-2018-0236 (Medium) detected in mem-1.1.0.tgz
WS-2018-0236 - Medium Severity Vulnerability
Vulnerable Library - mem-1.1.0.tgz
Memoize functions - An optimization used to speed up consecutive function calls by caching the result of calls with identical input
Library home page: https://registry.npmjs.org/mem/-/mem-1.1.0.tgz
Path to dependency file: /react-boilerplate-basic/package.json
Path to vulnerable library: /tmp/git/react-boilerplate-basic/node_modules/mem/package.json
Dependency Hierarchy:
- webpack-3.12.0.tgz (Root Library)
- yargs-8.0.2.tgz
- os-locale-2.1.0.tgz
- โ mem-1.1.0.tgz (Vulnerable Library)
- os-locale-2.1.0.tgz
- yargs-8.0.2.tgz
Found in HEAD commit: 49fc74df4b09e120e98322d76f500ccbdbea6571
Vulnerability Details
In nodejs-mem before version 4.0.0 there is a memory leak due to old results not being removed from the cache despite reaching maxAge. Exploitation of this can lead to exhaustion of memory and subsequent denial of service.
Publish Date: 2019-05-30
URL: WS-2018-0236
Suggested Fix
Type: Upgrade version
Origin: https://bugzilla.redhat.com/show_bug.cgi?id=1623744
Release Date: 2019-05-30
Fix Resolution: 4.0.0
Step up your Open Source Security Game with WhiteSource here
CVE-2018-19827 (High) detected in node-sass-v4.12.0
CVE-2018-19827 - High Severity Vulnerability
Vulnerable Library - node-sassv4.12.0
๐ Node.js bindings to libsass
Library home page: https://github.com/sass/node-sass.git
Found in HEAD commit: 62e310f1c632424d388deea457c280201be98aa6
Library Source Files (125)
* The source files were matched to this source library based on a best effort match. Source libraries are selected from a list of probable public libraries.
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/expand.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/color_maps.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_util.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8/unchecked.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/output.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_values.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/util.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/emitter.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/lexer.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_node.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/plugins.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/base.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/position.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/subset_map.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/operation.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/remove_placeholders.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/error_handling.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/custom_importer_bridge.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/contrib/plugin.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/functions.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_superselector.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/eval.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8_string.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_context_wrapper.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/error_handling.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/node.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/parser.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/subset_map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/emitter.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/listize.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_functions.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/memory/SharedPtr.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/output.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/check_nesting.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast_def_macros.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/functions.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/cssize.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/prelexer.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/paths.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast_fwd_decl.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/inspect.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/color.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_unification.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/values.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_util.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/source_map.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/list.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/check_nesting.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/json.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/units.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/units.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/context.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8/checked.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/listize.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/string.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/prelexer.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/context.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/boolean.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass2scss.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/eval.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/expand.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/factory.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/operators.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/boolean.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/source_map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/value.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8_string.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/callback_bridge.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/file.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/node.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/environment.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/extend.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_context.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/operators.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/constants.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast_fwd_decl.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/parser.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/constants.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/list.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/cssize.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/functions.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/util.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/custom_function_bridge.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/custom_importer_bridge.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/bind.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/inspect.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_functions.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/backtrace.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/extend.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/sass_value_wrapper.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/debugger.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/cencode.c
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/base64vlq.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/number.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/color.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/c99func.c
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/position.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/remove_placeholders.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_values.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/values.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_subset_map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass2scss.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/null.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/context.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_c.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_value.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/color_maps.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_context_wrapper.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/script/test-leaks.pl
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/lexer.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/memory/SharedPtr.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_c.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_value.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/b64/encode.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/file.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/environment.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/plugins.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/binding.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_context.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/debug.hpp
Vulnerability Details
In LibSass 3.5.5, a use-after-free vulnerability exists in the SharedPtr class in SharedPtr.cpp (or SharedPtr.hpp) that may cause a denial of service (application crash) or possibly have unspecified other impact.
Publish Date: 2018-12-03
URL: CVE-2018-19827
CVSS 3 Score Details (8.8)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: High
- Integrity Impact: High
- Availability Impact: High
Step up your Open Source Security Game with WhiteSource here
CVE-2018-11698 (High) detected in node-sass-v4.12.0
CVE-2018-11698 - High Severity Vulnerability
Vulnerable Library - node-sassv4.12.0
๐ Node.js bindings to libsass
Library home page: https://github.com/sass/node-sass.git
Found in HEAD commit: 62e310f1c632424d388deea457c280201be98aa6
Library Source Files (125)
* The source files were matched to this source library based on a best effort match. Source libraries are selected from a list of probable public libraries.
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/expand.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/color_maps.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_util.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8/unchecked.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/output.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_values.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/util.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/emitter.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/lexer.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_node.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/plugins.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/base.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/position.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/subset_map.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/operation.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/remove_placeholders.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/error_handling.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/custom_importer_bridge.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/contrib/plugin.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/functions.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_superselector.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/eval.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8_string.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_context_wrapper.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/error_handling.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/node.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/parser.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/subset_map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/emitter.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/listize.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_functions.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/memory/SharedPtr.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/output.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/check_nesting.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast_def_macros.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/functions.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/cssize.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/prelexer.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/paths.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast_fwd_decl.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/inspect.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/color.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_unification.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/values.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_util.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/source_map.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/list.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/check_nesting.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/json.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/units.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/units.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/context.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8/checked.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/listize.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/string.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/prelexer.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/context.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/boolean.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass2scss.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/eval.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/expand.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/factory.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/operators.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/boolean.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/source_map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/value.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8_string.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/callback_bridge.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/file.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/node.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/environment.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/extend.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_context.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/operators.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/constants.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast_fwd_decl.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/parser.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/constants.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/list.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/cssize.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/functions.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/util.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/custom_function_bridge.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/custom_importer_bridge.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/bind.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/inspect.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_functions.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/backtrace.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/extend.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/sass_value_wrapper.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/debugger.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/cencode.c
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/base64vlq.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/number.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/color.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/c99func.c
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/position.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/remove_placeholders.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_values.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/values.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_subset_map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass2scss.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/null.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/context.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_c.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_value.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/color_maps.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_context_wrapper.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/script/test-leaks.pl
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/lexer.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/memory/SharedPtr.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_c.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_value.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/b64/encode.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/file.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/environment.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/plugins.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/binding.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_context.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/debug.hpp
Vulnerability Details
An issue was discovered in LibSass through 3.5.4. An out-of-bounds read of a memory region was found in the function Sass::handle_error which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service.
Publish Date: 2018-06-04
URL: CVE-2018-11698
CVSS 3 Score Details (8.1)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: High
- Integrity Impact: None
- Availability Impact: High
Step up your Open Source Security Game with WhiteSource here
WS-2019-0032 (Medium) detected in js-yaml-3.7.0.tgz
WS-2019-0032 - Medium Severity Vulnerability
Vulnerable Library - js-yaml-3.7.0.tgz
YAML 1.2 parser and serializer
Library home page: https://registry.npmjs.org/js-yaml/-/js-yaml-3.7.0.tgz
Path to dependency file: /react-boilerplate-basic/package.json
Path to vulnerable library: /tmp/git/react-boilerplate-basic/node_modules/js-yaml/package.json
Dependency Hierarchy:
- css-loader-0.28.11.tgz (Root Library)
- cssnano-3.10.0.tgz
- postcss-svgo-2.1.6.tgz
- svgo-0.7.2.tgz
- โ js-yaml-3.7.0.tgz (Vulnerable Library)
- svgo-0.7.2.tgz
- postcss-svgo-2.1.6.tgz
- cssnano-3.10.0.tgz
Found in HEAD commit: 62e310f1c632424d388deea457c280201be98aa6
Vulnerability Details
Versions js-yaml prior to 3.13.0 are vulnerable to Denial of Service. By parsing a carefully-crafted YAML file, the node process stalls and may exhaust system resources leading to a Denial of Service.
Publish Date: 2019-03-26
URL: WS-2019-0032
Suggested Fix
Type: Upgrade version
Origin: https://www.npmjs.com/advisories/788/versions
Release Date: 2019-03-26
Fix Resolution: 3.13.0
Step up your Open Source Security Game with WhiteSource here
CVE-2018-20821 (Medium) detected in node-sass-v4.12.0
CVE-2018-20821 - Medium Severity Vulnerability
Vulnerable Library - node-sassv4.12.0
๐ Node.js bindings to libsass
Library home page: https://github.com/sass/node-sass.git
Found in HEAD commit: 62e310f1c632424d388deea457c280201be98aa6
Library Source Files (125)
* The source files were matched to this source library based on a best effort match. Source libraries are selected from a list of probable public libraries.
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/expand.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/color_maps.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_util.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8/unchecked.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/output.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_values.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/util.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/emitter.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/lexer.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_node.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/plugins.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/base.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/position.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/subset_map.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/operation.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/remove_placeholders.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/error_handling.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/custom_importer_bridge.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/contrib/plugin.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/functions.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_superselector.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/eval.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8_string.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_context_wrapper.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/error_handling.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/node.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/parser.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/subset_map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/emitter.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/listize.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_functions.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/memory/SharedPtr.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/output.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/check_nesting.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast_def_macros.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/functions.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/cssize.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/prelexer.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/paths.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast_fwd_decl.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/inspect.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/color.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_unification.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/values.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_util.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/source_map.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/list.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/check_nesting.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/json.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/units.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/units.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/context.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8/checked.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/listize.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/string.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/prelexer.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/context.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/boolean.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass2scss.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/eval.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/expand.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/factory.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/operators.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/boolean.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/source_map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/value.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8_string.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/callback_bridge.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/file.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/node.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/environment.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/extend.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_context.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/operators.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/constants.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast_fwd_decl.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/parser.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/constants.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/list.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/cssize.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/functions.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/util.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/custom_function_bridge.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/custom_importer_bridge.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/bind.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/inspect.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_functions.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/backtrace.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/extend.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/sass_value_wrapper.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/debugger.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/cencode.c
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/base64vlq.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/number.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/color.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/c99func.c
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/position.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/remove_placeholders.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_values.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/values.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_subset_map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass2scss.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/null.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/context.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_c.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_value.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/color_maps.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_context_wrapper.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/script/test-leaks.pl
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/lexer.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/memory/SharedPtr.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_c.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_value.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/b64/encode.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/file.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/environment.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/plugins.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/binding.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_context.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/debug.hpp
Vulnerability Details
The parsing component in LibSass through 3.5.5 allows attackers to cause a denial-of-service (uncontrolled recursion in Sass::Parser::parse_css_variable_value in parser.cpp).
Publish Date: 2019-04-23
URL: CVE-2018-20821
CVSS 3 Score Details (6.5)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: None
- Integrity Impact: None
- Availability Impact: High
Step up your Open Source Security Game with WhiteSource here
CVE-2019-6284 (Medium) detected in node-sass-v4.12.0
CVE-2019-6284 - Medium Severity Vulnerability
Vulnerable Library - node-sassv4.12.0
๐ Node.js bindings to libsass
Library home page: https://github.com/sass/node-sass.git
Found in HEAD commit: 62e310f1c632424d388deea457c280201be98aa6
Library Source Files (125)
* The source files were matched to this source library based on a best effort match. Source libraries are selected from a list of probable public libraries.
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/expand.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/color_maps.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_util.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8/unchecked.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/output.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_values.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/util.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/emitter.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/lexer.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_node.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/plugins.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/base.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/position.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/subset_map.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/operation.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/remove_placeholders.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/error_handling.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/custom_importer_bridge.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/contrib/plugin.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/functions.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_superselector.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/eval.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8_string.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_context_wrapper.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/error_handling.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/node.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/parser.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/subset_map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/emitter.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/listize.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_functions.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/memory/SharedPtr.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/output.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/check_nesting.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast_def_macros.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/functions.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/cssize.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/prelexer.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/paths.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast_fwd_decl.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/inspect.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/color.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_unification.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/values.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_util.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/source_map.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/list.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/check_nesting.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/json.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/units.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/units.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/context.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8/checked.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/listize.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/string.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/prelexer.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/context.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/boolean.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass2scss.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/eval.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/expand.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/factory.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/operators.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/boolean.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/source_map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/value.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8_string.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/callback_bridge.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/file.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/node.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/environment.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/extend.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_context.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/operators.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/constants.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast_fwd_decl.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/parser.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/constants.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/list.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/cssize.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/functions.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/util.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/custom_function_bridge.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/custom_importer_bridge.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/bind.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/inspect.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_functions.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/backtrace.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/extend.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/sass_value_wrapper.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/debugger.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/cencode.c
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/base64vlq.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/number.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/color.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/c99func.c
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/position.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/remove_placeholders.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_values.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/values.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_subset_map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass2scss.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/null.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/context.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_c.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_value.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/color_maps.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_context_wrapper.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/script/test-leaks.pl
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/lexer.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/memory/SharedPtr.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_c.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_value.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/b64/encode.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/file.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/environment.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/plugins.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/binding.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_context.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/debug.hpp
Vulnerability Details
In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::alternatives in prelexer.hpp.
Publish Date: 2019-01-14
URL: CVE-2019-6284
CVSS 3 Score Details (6.5)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: None
- Integrity Impact: None
- Availability Impact: High
Step up your Open Source Security Game with WhiteSource here
CVE-2018-11697 (High) detected in node-sass-v4.12.0
CVE-2018-11697 - High Severity Vulnerability
Vulnerable Library - node-sassv4.12.0
๐ Node.js bindings to libsass
Library home page: https://github.com/sass/node-sass.git
Found in HEAD commit: 62e310f1c632424d388deea457c280201be98aa6
Library Source Files (125)
* The source files were matched to this source library based on a best effort match. Source libraries are selected from a list of probable public libraries.
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/expand.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/color_maps.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_util.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8/unchecked.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/output.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_values.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/util.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/emitter.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/lexer.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_node.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/plugins.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/base.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/position.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/subset_map.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/operation.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/remove_placeholders.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/error_handling.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/custom_importer_bridge.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/contrib/plugin.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/functions.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_superselector.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/eval.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8_string.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_context_wrapper.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/error_handling.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/node.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/parser.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/subset_map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/emitter.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/listize.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_functions.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/memory/SharedPtr.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/output.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/check_nesting.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast_def_macros.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/functions.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/cssize.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/prelexer.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/paths.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast_fwd_decl.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/inspect.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/color.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_unification.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/values.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_util.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/source_map.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/list.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/check_nesting.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/json.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/units.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/units.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/context.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8/checked.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/listize.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/string.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/prelexer.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/context.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/boolean.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass2scss.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/eval.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/expand.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/factory.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/operators.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/boolean.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/source_map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/value.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8_string.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/callback_bridge.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/file.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/node.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/environment.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/extend.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_context.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/operators.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/constants.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast_fwd_decl.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/parser.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/constants.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/list.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/cssize.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/functions.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/util.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/custom_function_bridge.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/custom_importer_bridge.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/bind.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/inspect.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_functions.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/backtrace.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/extend.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/sass_value_wrapper.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/debugger.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/cencode.c
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/base64vlq.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/number.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/color.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/c99func.c
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/position.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/remove_placeholders.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_values.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/values.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_subset_map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass2scss.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/null.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/context.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_c.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_value.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/color_maps.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_context_wrapper.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/script/test-leaks.pl
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/lexer.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/memory/SharedPtr.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_c.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_value.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/b64/encode.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/file.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/environment.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/plugins.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/binding.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_context.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/debug.hpp
Vulnerability Details
An issue was discovered in LibSass through 3.5.4. An out-of-bounds read of a memory region was found in the function Sass::Prelexer::exactly() which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service.
Publish Date: 2018-06-04
URL: CVE-2018-11697
CVSS 3 Score Details (8.1)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: High
- Integrity Impact: None
- Availability Impact: High
Step up your Open Source Security Game with WhiteSource here
CVE-2019-6286 (Medium) detected in node-sass-v4.12.0
CVE-2019-6286 - Medium Severity Vulnerability
Vulnerable Library - node-sassv4.12.0
๐ Node.js bindings to libsass
Library home page: https://github.com/sass/node-sass.git
Found in HEAD commit: 62e310f1c632424d388deea457c280201be98aa6
Library Source Files (125)
* The source files were matched to this source library based on a best effort match. Source libraries are selected from a list of probable public libraries.
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/expand.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/color_maps.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_util.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8/unchecked.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/output.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_values.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/util.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/emitter.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/lexer.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_node.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/plugins.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/base.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/position.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/subset_map.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/operation.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/remove_placeholders.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/error_handling.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/custom_importer_bridge.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/contrib/plugin.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/functions.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_superselector.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/eval.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8_string.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_context_wrapper.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/error_handling.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/node.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/parser.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/subset_map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/emitter.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/listize.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_functions.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/memory/SharedPtr.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/output.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/check_nesting.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast_def_macros.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/functions.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/cssize.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/prelexer.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/paths.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast_fwd_decl.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/inspect.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/color.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_unification.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/values.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_util.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/source_map.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/list.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/check_nesting.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/json.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/units.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/units.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/context.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8/checked.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/listize.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/string.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/prelexer.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/context.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/boolean.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass2scss.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/eval.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/expand.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/factory.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/operators.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/boolean.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/source_map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/value.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8_string.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/callback_bridge.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/file.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/node.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/environment.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/extend.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_context.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/operators.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/constants.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast_fwd_decl.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/parser.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/constants.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/list.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/cssize.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/functions.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/util.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/custom_function_bridge.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/custom_importer_bridge.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/bind.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/inspect.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_functions.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/backtrace.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/extend.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/sass_value_wrapper.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/debugger.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/cencode.c
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/base64vlq.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/number.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/color.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/c99func.c
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/position.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/remove_placeholders.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_values.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/values.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_subset_map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass2scss.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/null.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/context.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_c.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_value.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/color_maps.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_context_wrapper.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/script/test-leaks.pl
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/lexer.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/memory/SharedPtr.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_c.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_value.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/b64/encode.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/file.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/environment.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/plugins.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/binding.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_context.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/debug.hpp
Vulnerability Details
In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::skip_over_scopes in prelexer.hpp when called from Sass::Parser::parse_import(), a similar issue to CVE-2018-11693.
Publish Date: 2019-01-14
URL: CVE-2019-6286
CVSS 3 Score Details (6.5)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: None
- Integrity Impact: None
- Availability Impact: High
Step up your Open Source Security Game with WhiteSource here
WS-2019-0019 (Medium) detected in braces-1.8.5.tgz
WS-2019-0019 - Medium Severity Vulnerability
Vulnerable Library - braces-1.8.5.tgz
Fastest brace expansion for node.js, with the most complete support for the Bash 4.3 braces specification.
Library home page: https://registry.npmjs.org/braces/-/braces-1.8.5.tgz
Path to dependency file: /react-boilerplate-basic/package.json
Path to vulnerable library: /tmp/git/react-boilerplate-basic/node_modules/braces/package.json
Dependency Hierarchy:
- babel-cli-6.26.0.tgz (Root Library)
- chokidar-1.7.0.tgz
- anymatch-1.3.2.tgz
- micromatch-2.3.11.tgz
- โ braces-1.8.5.tgz (Vulnerable Library)
- micromatch-2.3.11.tgz
- anymatch-1.3.2.tgz
- chokidar-1.7.0.tgz
Found in HEAD commit: 62e310f1c632424d388deea457c280201be98aa6
Vulnerability Details
Version of braces prior to 2.3.1 are vulnerable to Regular Expression Denial of Service (ReDoS). Untrusted input may cause catastrophic backtracking while matching regular expressions. This can cause the application to be unresponsive leading to Denial of Service.
Publish Date: 2019-03-25
URL: WS-2019-0019
Suggested Fix
Type: Upgrade version
Origin: https://www.npmjs.com/advisories/786
Release Date: 2019-02-21
Fix Resolution: 2.3.1
Step up your Open Source Security Game with WhiteSource here
CVE-2018-11695 (High) detected in node-sass-v4.12.0
CVE-2018-11695 - High Severity Vulnerability
Vulnerable Library - node-sassv4.12.0
๐ Node.js bindings to libsass
Library home page: https://github.com/sass/node-sass.git
Found in HEAD commit: 62e310f1c632424d388deea457c280201be98aa6
Library Source Files (125)
* The source files were matched to this source library based on a best effort match. Source libraries are selected from a list of probable public libraries.
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/expand.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/color_maps.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_util.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8/unchecked.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/output.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_values.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/util.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/emitter.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/lexer.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_node.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/plugins.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/base.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/position.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/subset_map.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/operation.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/remove_placeholders.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/error_handling.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/custom_importer_bridge.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/contrib/plugin.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/functions.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_superselector.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/eval.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8_string.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_context_wrapper.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/error_handling.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/node.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/parser.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/subset_map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/emitter.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/listize.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_functions.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/memory/SharedPtr.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/output.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/check_nesting.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast_def_macros.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/functions.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/cssize.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/prelexer.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/paths.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast_fwd_decl.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/inspect.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/color.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_unification.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/values.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_util.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/source_map.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/list.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/check_nesting.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/json.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/units.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/units.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/context.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8/checked.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/listize.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/string.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/prelexer.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/context.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/boolean.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass2scss.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/eval.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/expand.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/factory.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/operators.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/boolean.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/source_map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/value.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8_string.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/callback_bridge.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/file.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/node.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/environment.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/extend.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_context.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/operators.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/constants.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast_fwd_decl.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/parser.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/constants.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/list.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/cssize.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/functions.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/util.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/custom_function_bridge.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/custom_importer_bridge.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/bind.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/inspect.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_functions.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/backtrace.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/extend.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/sass_value_wrapper.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/debugger.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/cencode.c
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/base64vlq.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/number.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/color.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/c99func.c
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/position.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/remove_placeholders.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_values.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/values.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_subset_map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass2scss.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/null.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/context.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_c.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_value.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/color_maps.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_context_wrapper.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/script/test-leaks.pl
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/lexer.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/memory/SharedPtr.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_c.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_value.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/b64/encode.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/file.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/environment.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/plugins.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/binding.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_context.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/debug.hpp
Vulnerability Details
An issue was discovered in LibSass through 3.5.2. A NULL pointer dereference was found in the function Sass::Expand::operator which could be leveraged by an attacker to cause a denial of service (application crash) or possibly have unspecified other impact.
Publish Date: 2018-06-04
URL: CVE-2018-11695
CVSS 3 Score Details (8.8)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: High
- Integrity Impact: High
- Availability Impact: High
Step up your Open Source Security Game with WhiteSource here
CVE-2018-19839 (Medium) detected in node-sass-v4.12.0
CVE-2018-19839 - Medium Severity Vulnerability
Vulnerable Library - node-sassv4.12.0
๐ Node.js bindings to libsass
Library home page: https://github.com/sass/node-sass.git
Found in HEAD commit: 62e310f1c632424d388deea457c280201be98aa6
Library Source Files (125)
* The source files were matched to this source library based on a best effort match. Source libraries are selected from a list of probable public libraries.
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/expand.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/color_maps.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_util.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8/unchecked.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/output.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_values.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/util.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/emitter.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/lexer.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_node.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/plugins.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/base.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/position.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/subset_map.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/operation.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/remove_placeholders.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/error_handling.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/custom_importer_bridge.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/contrib/plugin.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/functions.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_superselector.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/eval.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8_string.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_context_wrapper.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/error_handling.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/node.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/parser.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/subset_map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/emitter.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/listize.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_functions.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/memory/SharedPtr.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/output.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/check_nesting.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast_def_macros.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/functions.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/cssize.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/prelexer.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/paths.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast_fwd_decl.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/inspect.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/color.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_unification.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/values.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_util.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/source_map.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/list.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/check_nesting.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/json.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/units.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/units.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/context.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8/checked.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/listize.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/string.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/prelexer.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/context.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/boolean.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass2scss.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/eval.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/expand.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/factory.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/operators.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/boolean.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/source_map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/value.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/utf8_string.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/callback_bridge.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/file.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/node.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/environment.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/extend.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_context.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/operators.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/constants.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast_fwd_decl.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/parser.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/constants.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/list.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/cssize.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/functions.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/util.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/custom_function_bridge.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/custom_importer_bridge.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/bind.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/inspect.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_functions.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/backtrace.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/extend.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/sass_value_wrapper.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/debugger.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/cencode.c
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/base64vlq.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/number.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/color.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/c99func.c
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/position.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/remove_placeholders.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_values.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/values.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/test/test_subset_map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass2scss.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/null.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/ast.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/include/sass/context.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_c.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_value.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/color_maps.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_context_wrapper.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/script/test-leaks.pl
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/lexer.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/memory/SharedPtr.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_c.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/sass_types/map.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/to_value.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/b64/encode.h
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/file.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/environment.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/plugins.hpp
- /react-boilerplate-basic/node_modules/node-sass/src/binding.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/sass_context.cpp
- /react-boilerplate-basic/node_modules/node-sass/src/libsass/src/debug.hpp
Vulnerability Details
In LibSass prior to 3.5.5, the function handle_error in sass_context.cpp allows attackers to cause a denial-of-service resulting from a heap-based buffer over-read via a crafted sass file.
Publish Date: 2018-12-04
URL: CVE-2018-19839
CVSS 3 Score Details (6.5)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: None
- Integrity Impact: None
- Availability Impact: High
Suggested Fix
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19839
Fix Resolution: 3.5.5
Step up your Open Source Security Game with WhiteSource here
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.