Vulnerability Name: | CVE-2018-11696 (CCN-144308) | ||||||||||||||||||||||||||||||||||||
Assigned: | 2018-06-03 | ||||||||||||||||||||||||||||||||||||
Published: | 2018-06-03 | ||||||||||||||||||||||||||||||||||||
Updated: | 2019-03-11 | ||||||||||||||||||||||||||||||||||||
Summary: | An issue was discovered in LibSass through 3.5.4. A NULL pointer dereference was found in the function Sass::Inspect::operator which could be leveraged by an attacker to cause a denial of service (application crash) or possibly have unspecified other impact. | ||||||||||||||||||||||||||||||||||||
CVSS v3 Severity: | 8.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) 7.7 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:U/RC:R)
2.9 Low (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:U/RC:R)
| ||||||||||||||||||||||||||||||||||||
CVSS v2 Severity: | 6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
| ||||||||||||||||||||||||||||||||||||
Vulnerability Type: | CWE-476 | ||||||||||||||||||||||||||||||||||||
Vulnerability Consequences: | Denial of Service | ||||||||||||||||||||||||||||||||||||
References: | Source: MITRE Type: CNA CVE-2018-11696 Source: CCN Type: IBM Security Bulletin 794165 (API Connect) IBM API Connect is impacted by multiple open source software vulnerabilities. Source: XF Type: UNKNOWN libsaas-cve201811696-dos(144308) Source: CCN Type: libsass GIT Repository AddressSanitizer: null pointer dereference (SEGV) in Sass::Inspect::operator (libsass/src/inspect.cpp:1060:9) #2665 Source: MISC Type: Exploit, Issue Tracking, Patch, Third Party Advisory https://github.com/sass/libsass/issues/2665 Source: CCN Type: IBM Security Bulletin 6612791 (Cloud Pak System Software) Multiple Vulnerabilities in Node.js affect IBM Cloud Pak System. | ||||||||||||||||||||||||||||||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: Denotes that component is vulnerable | ||||||||||||||||||||||||||||||||||||
Oval Definitions | |||||||||||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||||||||||
BACK |