
Cloud Vulnerability DB
A community-led vulnerabilities database
CVE-2022-43358 is a stack overflow vulnerability discovered in LibSass version 3.6.5-8-g210218, specifically in the Sass::ComplexSelector::has_placeholder function in ast_selectors.cpp. The vulnerability was disclosed on August 22, 2023, and affects LibSass, a C/C++ implementation of a Sass compiler (NVD, CVE).
The vulnerability is classified as an Out-of-bounds Write (CWE-787) with a CVSS v3.1 base score of 7.5 (HIGH). The issue manifests as a stack overflow in the has_placeholder function at line 464 of ast_selectors.cpp, and can be triggered by specially crafted input (NVD, GitHub Issue).
When exploited, this vulnerability can lead to a denial of service (DoS) condition by causing the application to crash. The stack overflow condition can potentially allow attackers to cause system instability and service disruption (NVD).
Users are advised to upgrade to a patched version of LibSass. However, it should be noted that LibSass is now deprecated, and while it continues to receive maintenance releases, there are no plans to add additional features. Projects using LibSass are recommended to migrate to Dart Sass as a long-term solution (LibSass).
Source: This report was generated using AI