47 matches found
EUVD-2022-7423
Malicious code in bioql PyPI...
EUVD-2022-7477
Malicious code in bioql PyPI...
EUVD-2022-7300
Malicious code in bioql PyPI...
CVE-2022-41957
Muhammara is a node module with c/cpp bindings to modify PDF with JavaScript for node or electron. The package muhammara before 2.6.2 and from 3.0.0 and before 3.3.0, as well as all versions of muhammara's predecessor package hummus, are vulnerable to Denial of Service DoS when supplied with a...
CVE-2022-39381
Muhammara is a node module with c/cpp bindings to modify PDF with js for node or electron based/replacement on/of galkhana/hummusjs. The package muhammara before 2.6.0; all versions of package hummus are vulnerable to Denial of Service DoS when supplied with a maliciously crafted PDF file to be...
muhammara and hummus vulnerable to Unchecked Return Value to NULL Pointer Dereference
Impact The package muhammara before 2.6.2, from 3.0.0 and before 3.3.0; all versions of package hummus are vulnerable to Denial of Service DoS when supplied with a maliciously crafted PDF file to be parsed. Patches It has been patched in 3.4.0 and has been backported to 2.6.2 There is no patch fo...
GHSA-2R7V-CMCH-5X26 muhammara and hummus vulnerable to Unchecked Return Value to NULL Pointer Dereference
Impact The package muhammara before 2.6.2, from 3.0.0 and before 3.3.0; all versions of package hummus are vulnerable to Denial of Service DoS when supplied with a maliciously crafted PDF file to be parsed. Patches It has been patched in 3.4.0 and has been backported to 2.6.2 There is no patch fo...
@khoazero123/hummus-recipe (=2.0.1), @mauriciocc/hummus-recipe (=2.0.1-node-16) +5 more potentially affected by CVE-2022-41957 via muhammara (>=1.10.0 <=2.0.0)
muhammara NPM version =1.10.0, =2.0.0, =1.10.25, =1.0.0, =1.0.4 Source cves: CVE-2022-41957 Source advisory: OSV:GHSA-2R7V-CMCH-5X26...
CVE-2022-41957
Muhammara is a node module with c/cpp bindings to modify PDF with JavaScript for node or electron. The package muhammara before 2.6.2 and from 3.0.0 and before 3.3.0, as well as all versions of muhammara's predecessor package hummus, are vulnerable to Denial of Service DoS when supplied with a...
Code injection
Muhammara is a node module with c/cpp bindings to modify PDF with JavaScript for node or electron. The package muhammara before 2.6.2 and from 3.0.0 and before 3.3.0, as well as all versions of muhammara's predecessor package hummus, are vulnerable to Denial of Service DoS when supplied with a...
CVE-2022-41957 muhammara vulnerable to Unchecked Return Value to NULL Pointer Dereference
Muhammara is a node module with c/cpp bindings to modify PDF with JavaScript for node or electron. The package muhammara before 2.6.2 and from 3.0.0 and before 3.3.0, as well as all versions of muhammara's predecessor package hummus, are vulnerable to Denial of Service DoS when supplied with a...
CVE-2022-41957 muhammara vulnerable to Unchecked Return Value to NULL Pointer Dereference
Muhammara is a node module with c/cpp bindings to modify PDF with JavaScript for node or electron. The package muhammara before 2.6.2 and from 3.0.0 and before 3.3.0, as well as all versions of muhammara's predecessor package hummus, are vulnerable to Denial of Service DoS when supplied with a...
CVE-2022-41957 muhammara vulnerable to Unchecked Return Value to NULL Pointer Dereference
Muhammara is a node module with c/cpp bindings to modify PDF with JavaScript for node or electron. The package muhammara before 2.6.2 and from 3.0.0 and before 3.3.0, as well as all versions of muhammara's predecessor package hummus, are vulnerable to Denial of Service DoS when supplied with a...
PT-2022-26182 · Muhammara +1 · Muhammara +1
Name of the Vulnerable Software and Affected Versions: muhammara versions prior to 2.6.2 muhammara versions 3.0.0 through 3.3.0 hummus all versions Description: The issue is related to a Denial of Service DoS condition that occurs when a maliciously crafted PDF file is parsed. The problem arises...
CVE-2022-41957
MuhammaraJS (node module with C/C++ bindings for modifying PDFs via JavaScript) is vulnerable to Denial of Service when parsing a malicious PDF. Affected versions are muhammara before 2.6.2 and 3.0.0 through 3.3.0, as well as all versions of hummus. The issue has been patched in muhammara 3.4.0 a...
Unchecked Return Value to NULL Pointer Dereference in PDFDocumentHandler.cpp
Impact The package muhammara before 2.6.0; all versions of package hummus are vulnerable to Denial of Service DoS when supplied with a maliciously crafted PDF file to be appended to another. Patches It has been patched in 2.6.0 for muhammara and not at all for hummus Workarounds Do not process...
GHSA-RCRX-FPJP-MFRW Unchecked Return Value to NULL Pointer Dereference in PDFDocumentHandler.cpp
Impact The package muhammara before 2.6.0; all versions of package hummus are vulnerable to Denial of Service DoS when supplied with a maliciously crafted PDF file to be appended to another. Patches It has been patched in 2.6.0 for muhammara and not at all for hummus Workarounds Do not process...
@khoazero123/hummus-recipe (=2.0.1), @mauriciocc/hummus-recipe (=2.0.1-node-16) +5 more potentially affected by CVE-2022-39381 via muhammara (>=1.10.0 <=2.0.0)
muhammara NPM version =1.10.0, =2.0.0, =1.10.25, =1.0.0, =1.0.4 Source cves: CVE-2022-39381 Source advisory: OSV:GHSA-RCRX-FPJP-MFRW...
CVE-2022-39381
Muhammara is a node module with c/cpp bindings to modify PDF with js for node or electron based/replacement on/of galkhana/hummusjs. The package muhammara before 2.6.0; all versions of package hummus are vulnerable to Denial of Service DoS when supplied with a maliciously crafted PDF file to be...
Code injection
Muhammara is a node module with c/cpp bindings to modify PDF with js for node or electron based/replacement on/of galkhana/hummusjs. The package muhammara before 2.6.0; all versions of package hummus are vulnerable to Denial of Service DoS when supplied with a maliciously crafted PDF file to be...