node-sass@4.9.2 vulnerabilities
Wrapper around libsass
-
latest version
9.0.0
-
first published
12 years ago
-
latest version published
a year ago
-
licenses detected
- >=0
Direct Vulnerabilities
Known vulnerabilities in the node-sass package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
node-sass is a Node.js bindings package for libsass. Affected versions of this package are vulnerable to Improper Certificate Validation. Certificate validation is disabled by default when requesting binaries, even if the user is not specifying an alternative download path. How to fix Improper Certificate Validation? Upgrade |
>=2.0.0 <7.0.0
|
node-sass is a Node.js bindings package for libsass. Affected versions of this package are vulnerable to Denial of Service (DoS). Crafted objects passed to the How to fix Denial of Service (DoS)? Upgrade |
>=3.3.0 <4.13.1
|
node-sass is a Node.js bindings package for libsass. Affected versions of this package are vulnerable to Denial of Service (DoS). Uncontrolled recursion is possible in How to fix Denial of Service (DoS)? There is no fixed version for |
*
|
node-sass is a Node.js bindings package for libsass. Affected versions of this package are vulnerable to Uncontrolled Recursion via How to fix Uncontrolled Recursion? There is no fixed version for |
*
|
node-sass is a Node.js bindings package for libsass. Affected versions of this package are vulnerable to Out-of-bounds Read. The function How to fix Out-of-bounds Read? There is no fixed version for |
*
|
node-sass is a Node.js bindings package for libsass. Affected versions of this package are vulnerable to Denial of Service (DoS). Functions inside How to fix Denial of Service (DoS)? Upgrade |
<4.11.0
|
node-sass is a Node.js bindings package for libsass. Affected versions of this package are vulnerable to Out-of-bounds Read via How to fix Out-of-bounds Read? There is no fixed version for |
*
|
node-sass is a Node.js bindings package for libsass. Affected versions of this package are vulnerable to NULL Pointer Dereference via How to fix NULL Pointer Dereference? There is no fixed version for |
*
|
node-sass is a Node.js bindings package for libsass. Affected versions of this package are vulnerable to Use After Free via the How to fix Use After Free? There is no fixed version for |
*
|
node-sass is a Node.js bindings package for libsass. Affected versions of this package are vulnerable to Out-of-Bounds via How to fix Out-of-Bounds? There is no fixed version for |
*
|
node-sass is a Node.js bindings package for libsass. Affected versions of this package are vulnerable to NULL Pointer Dereference. An issue was discovered in LibSass through 3.5.4. A NULL pointer dereference was found in the function How to fix NULL Pointer Dereference? Upgrade |
<4.11.0
|
node-sass is a Node.js bindings package for libsass. Affected versions of this package are vulnerable to Resource Exhaustion. In LibSass prior to 3.5.5, How to fix Resource Exhaustion? Upgrade |
<4.11.0
|
node-sass is a Node.js bindings package for libsass. Affected versions of this package are vulnerable to Out-of-bounds Read. An issue was discovered in LibSass through 3.5.4. An out-of-bounds read of a memory region was found in the function How to fix Out-of-bounds Read? Upgrade |
<4.11.0
|
node-sass is a Node.js bindings package for libsass. Affected versions of this package are vulnerable to NULL Pointer Dereference in the function How to fix NULL Pointer Dereference? There is no fixed version for |
*
|
node-sass is a Node.js bindings package for libsass. Affected versions of this package are vulnerable to Out-of-Bounds. A heap-based buffer over-read exists in How to fix Out-of-Bounds? There is no fixed version for |
*
|
node-sass is a Node.js bindings package for libsass. Affected versions of this package are vulnerable to Use After Free. A use-after-free vulnerability exists in How to fix Use After Free? Upgrade |
>=4.4.0 <4.13.1
|