Lucene search
K

7 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-7477

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.0093EPSS
Exploits0References5
vulnersOsv
vulnersOsv
added 2022/12/05 5:37 p.m.4 views

@khoazero123/hummus-recipe (=2.0.1), @mauriciocc/hummus-recipe (=2.0.1-node-16) +5 more potentially affected by CVE-2022-41957 via muhammara (>=1.10.0 <=2.0.0)

muhammara NPM version =1.10.0, =2.0.0, =1.10.25, =1.0.0, =1.0.4 Source cves: CVE-2022-41957 Source advisory: OSV:GHSA-2R7V-CMCH-5X26...

7.5CVSS7.1AI score0.0093EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2022/11/28 12:0 a.m.4 views

CVE-2022-41957 muhammara vulnerable to Unchecked Return Value to NULL Pointer Dereference

Muhammara is a node module with c/cpp bindings to modify PDF with JavaScript for node or electron. The package muhammara before 2.6.2 and from 3.0.0 and before 3.3.0, as well as all versions of muhammara's predecessor package hummus, are vulnerable to Denial of Service DoS when supplied with a...

7.5CVSS7.5AI score0.0093EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2022/11/02 6:10 p.m.5 views

@khoazero123/hummus-recipe (=2.0.1), @mauriciocc/hummus-recipe (=2.0.1-node-16) +5 more potentially affected by CVE-2022-39381 via muhammara (>=1.10.0 <=2.0.0)

muhammara NPM version =1.10.0, =2.0.0, =1.10.25, =1.0.0, =1.0.4 Source cves: CVE-2022-39381 Source advisory: OSV:GHSA-RCRX-FPJP-MFRW...

7.5CVSS6.6AI score0.00645EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/11/01 12:0 p.m.4 views

@khoazero123/hummus-recipe (=2.0.1), @mauriciocc/hummus-recipe (=2.0.1-node-16) +5 more potentially affected by CVE-2022-25892 via muhammara (>=1.10.0 <=2.0.0)

muhammara NPM version =1.10.0, =2.0.0, =1.10.25, =1.0.0, =1.0.4 Source cves: CVE-2022-25892 Source advisory: OSV:GHSA-9CV5-4WQV-9W94...

7.5CVSS7.1AI score0.01022EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/10/31 12:11 p.m.4 views

@mauriciocc/hummus-recipe (=2.0.1-node-16) potentially affected by CVE-2022-25885 via muhammara (=2.0.0)

muhammara NPM version =2.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on muhammara and may be impacted: - @mauriciocc/hummus-recipe =2.0.1-node-16 Source cves: CVE-2022-25885 Source advisory: SNYK:JS-MUHAMMARA-3091137...

7.5CVSS7.1AI score0.01141EPSS
Exploits1
Snyk
Snyk
added 2022/10/24 7:46 a.m.5 views

Denial of Service (DoS)

Overview muhammara is a Create, read and modify PDF files and streams. A drop in replacement for hummusjs PDF library Affected versions of this package are vulnerable to Denial of Service DoS when supplied with a maliciously crafted PDF file to be parsed. PoC js var pdfReader =...

7.5CVSS7AI score0.01022EPSS
Exploits0References2
Rows per page
Query Builder