Количество 2
Количество 2
CVE-2022-39381
Muhammara is a node module with c/cpp bindings to modify PDF with js for node or electron (based/replacement on/of galkhana/hummusjs). The package muhammara before 2.6.0; all versions of package hummus are vulnerable to Denial of Service (DoS) when supplied with a maliciously crafted PDF file to be appended to another. This issue has been patched in 2.6.0 for muhammara and not at all for hummus. As a workaround, do not process files from untrusted sources.
GHSA-rcrx-fpjp-mfrw
Unchecked Return Value to NULL Pointer Dereference in PDFDocumentHandler.cpp
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-39381 Muhammara is a node module with c/cpp bindings to modify PDF with js for node or electron (based/replacement on/of galkhana/hummusjs). The package muhammara before 2.6.0; all versions of package hummus are vulnerable to Denial of Service (DoS) when supplied with a maliciously crafted PDF file to be appended to another. This issue has been patched in 2.6.0 for muhammara and not at all for hummus. As a workaround, do not process files from untrusted sources. | CVSS3: 7.5 | 0% Низкий | больше 3 лет назад |
| GHSA-rcrx-fpjp-mfrw Unchecked Return Value to NULL Pointer Dereference in PDFDocumentHandler.cpp | CVSS3: 7.5 | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу