Affecting org.webjars.npm:node-sass artifact, versions [,4.4.0)Report new vulnerabilities
org.webjars.npm:node-sass is a Node.js bindings to libsass.
Affected versions of this package are vulnerable to Out-of-bounds Read.
A heap-based buffer over-read exists in the function
sass_context.cpp. A crafted input will lead to a remote denial of service attack. Note:
node-sass is affected by this vulnerability due to its bundled usage of the
org.webjars.npm:node-sass to version 4.4.0 or higher.