This repository has been archived by the owner on Jul 24, 2024. It is now read-only.
Denial of Service vulnerability #2818
Comments
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
All versions of node-sass are vulnerable to Denial of Service (DoS). Crafted objects passed to the renderSync function may trigger C++ assertions in CustomImporterBridge::get_importer_entry and CustomImporterBridge::post_process_return_value that crash the Node process.
All versions affected.
More info
The text was updated successfully, but these errors were encountered: