node-sass is a Node.js bindings package for libsass.
Affected versions of this package are vulnerable to NULL Pointer Dereference. An issue was discovered in LibSass through 3.5.4. A NULL pointer dereference was found in the function
Sass::Inspect::operator which could be leveraged by an attacker to cause a denial of service (application crash) or possibly have unspecified other impact.
node-sass to version 4.11.0 or higher.