Lucene search
K

6 matches found

vulnersOsv
vulnersOsv
added 2022/11/01 12:0 p.m.4 views

@fusuma/task-pdf (>=1.2.0 <=1.16.0), @infosupport/kc-cli (>=2.2.0 <=3.1.0) +10 more potentially affected by CVE-2022-25892 via hummus (>=1.0.104 <=1.0.110)

hummus NPM version =1.0.104, =1.2.0, =2.2.0, =1.0.0, =1.0.50, =0.0.10, =2.0.0, =1.0.0, =0.1.0, =0.1.2, =2.2.0, =0.0.7, =0.0.8 Source cves: CVE-2022-25892 Source advisory: OSV:GHSA-9CV5-4WQV-9W94...

7.5CVSS7.1AI score0.01022EPSS
Exploits0
Cvelist
Cvelist
added 2022/11/01 12:0 a.m.31 views

CVE-2022-25892 Denial of Service (DoS)

The package muhammara before 2.6.1, from 3.0.0 and before 3.1.1; all versions of package hummus are vulnerable to Denial of Service DoS when supplied with a maliciously crafted PDF file to be parsed...

7.5CVSS7.6AI score0.01022EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2022/11/01 12:0 a.m.5 views

CVE-2022-25892 Denial of Service (DoS)

The package muhammara before 2.6.1, from 3.0.0 and before 3.1.1; all versions of package hummus are vulnerable to Denial of Service DoS when supplied with a maliciously crafted PDF file to be parsed...

7.5CVSS6.7AI score0.01022EPSS
Exploits0References6
CVE
CVE
added 2022/11/01 12:0 a.m.70 views

CVE-2022-25892

CVE-2022-25892 affects Muham maraJS (muhammara) and HummusJS: DoS via parsing a malicious PDF. Affected: muhammara

7.5CVSS7.4AI score0.01022EPSS
Exploits0References6Affected Software1
vulnersOsv
vulnersOsv
added 2022/10/24 7:46 a.m.7 views

@mauriciocc/hummus-recipe (=2.0.1-node-16) potentially affected by CVE-2022-25892 via muhammara (=2.0.0)

muhammara NPM version =2.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on muhammara and may be impacted: - @mauriciocc/hummus-recipe =2.0.1-node-16 Source cves: CVE-2022-25892 Source advisory: SNYK:JS-MUHAMMARA-3060320...

7.5CVSS7.1AI score0.01022EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/10/24 7:46 a.m.25 views

@fusuma/task-pdf (>=1.2.0 <=1.16.0), @infosupport/kc-cli (>=2.2.0 <=3.1.0) +10 more potentially affected by CVE-2022-25892 via hummus (>=1.0.104 <=1.0.110)

hummus NPM version =1.0.104, =1.2.0, =2.2.0, =1.0.0, =1.0.50, =0.0.10, =2.0.0, =1.0.0, =0.1.0, =0.1.2, =2.2.0, =0.0.7, =0.0.8 Source cves: CVE-2022-25892 Source advisory: SNYK:JS-HUMMUS-3091138...

7.5CVSS7.1AI score0.01022EPSS
Exploits0
Rows per page
Query Builder