6 matches found
@fusuma/task-pdf (>=1.2.0 <=1.16.0), @infosupport/kc-cli (>=2.2.0 <=3.1.0) +10 more potentially affected by CVE-2022-25892 via hummus (>=1.0.104 <=1.0.110)
hummus NPM version =1.0.104, =1.2.0, =2.2.0, =1.0.0, =1.0.50, =0.0.10, =2.0.0, =1.0.0, =0.1.0, =0.1.2, =2.2.0, =0.0.7, =0.0.8 Source cves: CVE-2022-25892 Source advisory: OSV:GHSA-9CV5-4WQV-9W94...
CVE-2022-25892 Denial of Service (DoS)
The package muhammara before 2.6.1, from 3.0.0 and before 3.1.1; all versions of package hummus are vulnerable to Denial of Service DoS when supplied with a maliciously crafted PDF file to be parsed...
CVE-2022-25892 Denial of Service (DoS)
The package muhammara before 2.6.1, from 3.0.0 and before 3.1.1; all versions of package hummus are vulnerable to Denial of Service DoS when supplied with a maliciously crafted PDF file to be parsed...
CVE-2022-25892
CVE-2022-25892 affects Muham maraJS (muhammara) and HummusJS: DoS via parsing a malicious PDF. Affected: muhammara
@mauriciocc/hummus-recipe (=2.0.1-node-16) potentially affected by CVE-2022-25892 via muhammara (=2.0.0)
muhammara NPM version =2.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on muhammara and may be impacted: - @mauriciocc/hummus-recipe =2.0.1-node-16 Source cves: CVE-2022-25892 Source advisory: SNYK:JS-MUHAMMARA-3060320...
@fusuma/task-pdf (>=1.2.0 <=1.16.0), @infosupport/kc-cli (>=2.2.0 <=3.1.0) +10 more potentially affected by CVE-2022-25892 via hummus (>=1.0.104 <=1.0.110)
hummus NPM version =1.0.104, =1.2.0, =2.2.0, =1.0.0, =1.0.50, =0.0.10, =2.0.0, =1.0.0, =0.1.0, =0.1.2, =2.2.0, =0.0.7, =0.0.8 Source cves: CVE-2022-25892 Source advisory: SNYK:JS-HUMMUS-3091138...