CVE-2017-10687

In LibSass 3.4.5, there is a heap-based buffer over-read in the function json_mkstream() in sass_context.cpp. A crafted input will lead to a remote denial of service attack. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt