CVE-2022-25885

Summary

The package muhammara before 2.6.0; all versions of package hummus are vulnerable to Denial of Service (DoS) when PDFStreamForResponse() is used with invalid data.

Affected Software

VendorProductVersion RangeStatus
n/amuhammaraunspecified < 2.6.0affected
n/ahummus0 < unspecifiedaffected

Weaknesses

  • Denial of Service (DoS)

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: yes
    • Technical Impact: partial

References