48 matches found
GHSA-FHP4-PR5J-46M5 Muhammara has a NULL pointer dereference in LZWDecode filter when DecodeParms omits EarlyChange key
Summary A NULL pointer dereference vulnerability exists in PDFParser::CreateFilterForStream when processing a PDF stream with /Filter /LZWDecode and a /DecodeParms dictionary that does not contain the EarlyChange key. This causes an access violation 0xC0000005 and crashes the process. Affected...
EUVD-2022-7423
Malicious code in bioql PyPI...
EUVD-2022-7477
Malicious code in bioql PyPI...
EUVD-2022-7300
Malicious code in bioql PyPI...
CVE-2022-41957
Muhammara is a node module with c/cpp bindings to modify PDF with JavaScript for node or electron. The package muhammara before 2.6.2 and from 3.0.0 and before 3.3.0, as well as all versions of muhammara's predecessor package hummus, are vulnerable to Denial of Service DoS when supplied with a...
CVE-2022-39381
Muhammara is a node module with c/cpp bindings to modify PDF with js for node or electron based/replacement on/of galkhana/hummusjs. The package muhammara before 2.6.0; all versions of package hummus are vulnerable to Denial of Service DoS when supplied with a maliciously crafted PDF file to be...
@khoazero123/hummus-recipe (=2.0.1), @mauriciocc/hummus-recipe (=2.0.1-node-16) +5 more potentially affected by CVE-2022-41957 via muhammara (>=1.10.0 <=2.0.0)
muhammara NPM version =1.10.0, =2.0.0, =1.10.25, =1.0.0, =1.0.4 Source cves: CVE-2022-41957 Source advisory: OSV:GHSA-2R7V-CMCH-5X26...
GHSA-2R7V-CMCH-5X26 muhammara and hummus vulnerable to Unchecked Return Value to NULL Pointer Dereference
Impact The package muhammara before 2.6.2, from 3.0.0 and before 3.3.0; all versions of package hummus are vulnerable to Denial of Service DoS when supplied with a maliciously crafted PDF file to be parsed. Patches It has been patched in 3.4.0 and has been backported to 2.6.2 There is no patch fo...
muhammara and hummus vulnerable to Unchecked Return Value to NULL Pointer Dereference
Impact The package muhammara before 2.6.2, from 3.0.0 and before 3.3.0; all versions of package hummus are vulnerable to Denial of Service DoS when supplied with a maliciously crafted PDF file to be parsed. Patches It has been patched in 3.4.0 and has been backported to 2.6.2 There is no patch fo...
CVE-2022-41957
Muhammara is a node module with c/cpp bindings to modify PDF with JavaScript for node or electron. The package muhammara before 2.6.2 and from 3.0.0 and before 3.3.0, as well as all versions of muhammara's predecessor package hummus, are vulnerable to Denial of Service DoS when supplied with a...
Code injection
Muhammara is a node module with c/cpp bindings to modify PDF with JavaScript for node or electron. The package muhammara before 2.6.2 and from 3.0.0 and before 3.3.0, as well as all versions of muhammara's predecessor package hummus, are vulnerable to Denial of Service DoS when supplied with a...
CVE-2022-41957 muhammara vulnerable to Unchecked Return Value to NULL Pointer Dereference
Muhammara is a node module with c/cpp bindings to modify PDF with JavaScript for node or electron. The package muhammara before 2.6.2 and from 3.0.0 and before 3.3.0, as well as all versions of muhammara's predecessor package hummus, are vulnerable to Denial of Service DoS when supplied with a...
CVE-2022-41957 muhammara vulnerable to Unchecked Return Value to NULL Pointer Dereference
Muhammara is a node module with c/cpp bindings to modify PDF with JavaScript for node or electron. The package muhammara before 2.6.2 and from 3.0.0 and before 3.3.0, as well as all versions of muhammara's predecessor package hummus, are vulnerable to Denial of Service DoS when supplied with a...
PT-2022-26182 · Muhammara +1 · Muhammara +1
Name of the Vulnerable Software and Affected Versions: muhammara versions prior to 2.6.2 muhammara versions 3.0.0 through 3.3.0 hummus all versions Description: The issue is related to a Denial of Service DoS condition that occurs when a maliciously crafted PDF file is parsed. The problem arises...
CVE-2022-41957
MuhammaraJS (node module with C/C++ bindings for modifying PDFs via JavaScript) is vulnerable to Denial of Service when parsing a malicious PDF. Affected versions are muhammara before 2.6.2 and 3.0.0 through 3.3.0, as well as all versions of hummus. The issue has been patched in muhammara 3.4.0 a...
CVE-2022-41957 muhammara vulnerable to Unchecked Return Value to NULL Pointer Dereference
Muhammara is a node module with c/cpp bindings to modify PDF with JavaScript for node or electron. The package muhammara before 2.6.2 and from 3.0.0 and before 3.3.0, as well as all versions of muhammara's predecessor package hummus, are vulnerable to Denial of Service DoS when supplied with a...
@khoazero123/hummus-recipe (=2.0.1), @mauriciocc/hummus-recipe (=2.0.1-node-16) +5 more potentially affected by CVE-2022-39381 via muhammara (>=1.10.0 <=2.0.0)
muhammara NPM version =1.10.0, =2.0.0, =1.10.25, =1.0.0, =1.0.4 Source cves: CVE-2022-39381 Source advisory: OSV:GHSA-RCRX-FPJP-MFRW...
GHSA-RCRX-FPJP-MFRW Unchecked Return Value to NULL Pointer Dereference in PDFDocumentHandler.cpp
Impact The package muhammara before 2.6.0; all versions of package hummus are vulnerable to Denial of Service DoS when supplied with a maliciously crafted PDF file to be appended to another. Patches It has been patched in 2.6.0 for muhammara and not at all for hummus Workarounds Do not process...
Unchecked Return Value to NULL Pointer Dereference in PDFDocumentHandler.cpp
Impact The package muhammara before 2.6.0; all versions of package hummus are vulnerable to Denial of Service DoS when supplied with a maliciously crafted PDF file to be appended to another. Patches It has been patched in 2.6.0 for muhammara and not at all for hummus Workarounds Do not process...
CVE-2022-39381
Muhammara is a node module with c/cpp bindings to modify PDF with js for node or electron based/replacement on/of galkhana/hummusjs. The package muhammara before 2.6.0; all versions of package hummus are vulnerable to Denial of Service DoS when supplied with a maliciously crafted PDF file to be...