5 matches found
@fusuma/task-pdf (>=1.2.0 <=1.16.0), @infosupport/kc-cli (>=2.2.0 <=3.1.0) +10 more potentially affected by CVE-2022-25885 via hummus (>=1.0.104 <=1.0.110)
hummus NPM version =1.0.104, =1.2.0, =2.2.0, =1.0.0, =1.0.50, =0.0.10, =2.0.0, =1.0.0, =0.1.0, =0.1.2, =2.2.0, =0.0.7, =0.0.8 Source cves: CVE-2022-25885 Source advisory: OSV:GHSA-FRP9-2V6R-GJ97...
CVE-2022-25885
The package muhammara before 2.6.0; all versions of package hummus are vulnerable to Denial of Service DoS when PDFStreamForResponse is used with invalid data...
CVE-2022-25885 Denial of Service (DoS)
The package muhammara before 2.6.0; all versions of package hummus are vulnerable to Denial of Service DoS when PDFStreamForResponse is used with invalid data...
CVE-2022-25885
CVE-2022-25885 affects MuhammaraJS/muhammara versions prior to 2.6.0 and hummus prior to 1.0.111. The vulnerability is a Denial of Service (DoS) triggered when PDFStreamForResponse() is used with invalid data, which can cause crashes or degraded availability. Public technical details in connected...
CVE-2022-25885 Denial of Service (DoS)
The package muhammara before 2.6.0; all versions of package hummus are vulnerable to Denial of Service DoS when PDFStreamForResponse is used with invalid data...