Xzyfer

**Name of the Vulnerable Software and Affected Versions** LibSass versions prior to 3.5.3 **Description** A NULL pointer dereference was found in the `Sass::Expand::operator` function, which could be leveraged by an attacker to cause a denial of service (application crash) or possibly have unspecified other impact. **Recommendations** For versions prior to 3.5.3, update to version 3.5.3 or later to resolve the issue. As a temporary workaround, consider restricting the use of the `Sass::Expand::operator` function until a patch is available.