Msrc Azl3 Libsass 3.6.6-1 On Azure Linux 3.0 vulnerabilities

CVE-2022-43358 [HIGH] CWE-787 Stack overflow vulnerability in ast_selectors.cpp: in function Sass::ComplexSelector::has_placeholder in libsass:3.6.5-8-g210218, which can be exploited by attackers to cause a denial of service (DoS) Stack overflow vulnerability in ast_selectors.cpp: in function Sass::ComplexSelector::has_placeholder in libsass:3.6.5-8-g210218, which can be exploited by attackers to cause a denial of service (DoS). FAQ: Is Azure Linux the only Microsoft product that includes this

CVE-2022-26592 [HIGH] CWE-787 Stack Overflow vulnerability in libsass 3.6.5 via the CompoundSelector::has_real_parent_ref function. Stack Overflow vulnerability in libsass 3.6.5 via the CompoundSelector::has_real_parent_ref function. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to

CVE-2022-43357 [HIGH] CWE-787 Stack overflow vulnerability in ast_selectors.cpp in function Sass::CompoundSelector::has_real_parent_ref in libsass:3.6.5-8-g210218, which can be exploited by attackers to causea denial of service (D Stack overflow vulnerability in ast_selectors.cpp in function Sass::CompoundSelector::has_real_parent_ref in libsass:3.6.5-8-g210218, which can be exploited by attackers to causea denial of service (DoS). Also affects the command line driver for libsass, sassc 3.6.2.