Zyingpo

**Name of the Vulnerable Software and Affected Versions** LibSass version 3.5.5 **Description** A high memory footprint issue caused by an endless loop may lead to a Denial of Service when processing crafted sass input files containing stray '&' or '/' characters. This issue is considered closed by the upstream as "won't fix" and "works as intended" by design. **Recommendations** For LibSass version 3.5.5, consider avoiding the use of stray '&' or '/' characters in sass input files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.