NULL Pointer Dereference
CVE-2018-11695
Summary
An issue was discovered in LibSass through 3.5.2. A NULL pointer dereference was found in the function Sass::Expand::operator which could be leveraged by an attacker to cause a denial of service (application crash) or possibly have unspecified other impact.
- LOW
- NETWORK
- HIGH
- UNCHANGED
- REQUIRED
- NONE
- HIGH
- HIGH
CWE-476 - NULL Pointer Dereference
A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.
References
Advisory Timeline
- Published