CVE-2018-11697, CVE-2018-11698
[º¸¾È´º½º ¹®°¡¿ë ±âÀÚ] ÇöÁö ½Ã°¢À¸·Î 6¿ù 3ÀÏ, ¿ì¸®³ª¶ó ½Ã°£À¸·Î´Â ´ë·« 3ÀÏ¿¡¼ 4ÀÏ·Î ³Ñ¾î¿À´Â ¹ã »çÀÌ¿¡ ¹Ì±¹ÀÇ National Vulnerability DatabaseÀ» ÅëÇØ ¹ßÇ¥µÈ Ãë¾àÁ¡µéÀÌ´Ù.
[À̹ÌÁö = iclickart]
1. CVE-2018-11694
LibSaas 3.5.4±îÁö ¹öÀüÀÇ Sass::Functions::selector_append ÇÔ¼öÀÇ Ãë¾àÁ¡À¸·Î °ø°ÝÀÚ°¡ DoS °ø°ÝÀ» °¨ÇàÇÒ ¼ö ÀÖ°Ô ÇØÁØ´Ù.
2, CVE-2018-11695
LibSaas 3.5.2±îÁö ¹öÀüÀÇ Sass::Expand::operator ÇÔ¼öÀÇ Ãë¾àÁ¡À¸·Î °ø°ÝÀÚ°¡ DoS °ø°ÝÀ» °¨ÇàÇÒ ¼ö ÀÖ°Ô ÇØÁØ´Ù.
3. CVE-2018-11696
LibSaas 3.5.4±îÁö ¹öÀüÀÇ Sass::Inspect::operator ÇÔ¼öÀÇ Ãë¾àÁ¡À¸·Î °ø°ÝÀÚ°¡ DoS °ø°ÝÀ» °¨ÇàÇÒ ¼ö ÀÖ°Ô ÇØÁØ´Ù.
4. CVE-2018-11697
LibSaas 3.5.4±îÁö ¹öÀüÀÇ Sass::Prelexer::exactly() ÇÔ¼öÀÇ Ãë¾àÁ¡À¸·Î °ø°ÝÀÚ°¡ Á¤º¸¸¦ À¯Ãâ½ÃÅ°°Å³ª ¸Þ¸ð¸® Àб⠿µ¿ªÀ» Á¶ÀÛÇÒ ¼ö ÀÖ°Ô µÈ´Ù.
5. CVE-2018-11698
LibSaas 3.5.4±îÁö ¹öÀüÀÇ Sass::handle_error ÇÔ¼öÀÇ Ãë¾àÁ¡À¸·Î °ø°ÝÀÚ°¡ Á¤º¸¸¦ À¯Ãâ½ÃÅ°°Å³ª ¸Þ¸ð¸® Àб⠿µ¿ªÀ» Á¶ÀÛÇÒ ¼ö ÀÖ°Ô µÈ´Ù.
[±¹Á¦ºÎ ¹®°¡¿ë ±âÀÚ(globoan@boannews.com)]
<ÀúÀÛ±ÇÀÚ: º¸¾È´º½º(www.boannews.com) ¹«´ÜÀüÀç-Àç¹èÆ÷±ÝÁö>