CVE-2022-25885

Published November 1st, 2022

View on NVD ↗

CVSS v3

7.5

HIGH

CVSS v2

N/A

Affected

PROJECTS

Description

The package muhammara before 2.6.0; all versions of package hummus are vulnerable to Denial of Service (DoS) when PDFStreamForResponse() is used with invalid data.

julianhille/MuhammaraJS

Muhammara a node module with c/cpp bindings to modify PDF with js for node or electron (based/replacement on/of galkhana/hummusjs)

GitHub

303

galkahana/HummusJS

Node.js module for high performance creation, modification and parsing of PDF files and streams

GitHub

1.18K