sass / node-sass

:rainbow: Node.js bindings to libsass

Home Page: https://npmjs.org/package/node-sass

NULL Pointer Dereference [High Severity][https://security.snyk.io/vuln/SNYK-JS-NODESASS-535500]

hmdnawazz opened this issue

Snyk is detecting some vulnerabilities in the node-sass package.

Issues with no direct upgrade or patch:

✗ Out-of-Bounds [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-NODESASS-535498] in node-sass@8.0.0 introduced by node-sass@8.0.0
No upgrade or patch available

✗ NULL Pointer Dereference [High Severity][https://security.snyk.io/vuln/SNYK-JS-NODESASS-535500] in node-sass@8.0.0 introduced by node-sass@8.0.0
No upgrade or patch available

✗ Out-of-bounds Read [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-NODESASS-540958] in node-sass@8.0.0 introduced by node-sass@8.0.0
No upgrade or patch available

✗ Uncontrolled Recursion [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-NODESASS-540964] in node-sass@8.0.0 introduced by node-sass@8.0.0
No upgrade or patch available

✗ Denial of Service (DoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-NODESASS-540978] in node-sass@8.0.0 introduced by node-sass@8.0.0
No upgrade or patch available

✗ NULL Pointer Dereference [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-NODESASS-540992] in node-sass@8.0.0 introduced by node-sass@8.0.0
No upgrade or patch available

✗ Out-of-Bounds [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-NODESASS-540998] in node-sass@8.0.0 introduced by node-sass@8.0.0
No upgrade or patch available

✗ Use After Free [High Severity][https://security.snyk.io/vuln/SNYK-JS-NODESASS-541000] in node-sass@8.0.0 introduced by node-sass@8.0.0
No upgrade or patch available

✗ Out-of-bounds Read [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-NODESASS-541002] in node-sass@8.0.0 introduced by node-sass@8.0.0

Is there any way to fix it? Any patch?

No, these are all previously reported issues in libsass that have no practical effect on this package.