CVE-2022-25892

Summary

The package muhammara before 2.6.1, from 3.0.0 and before 3.1.1; all versions of package hummus are vulnerable to Denial of Service (DoS) when supplied with a maliciously crafted PDF file to be parsed.

Affected Software

VendorProductVersion RangeStatus
n/amuhammaraunspecified < 2.6.1affected
n/amuhammara3.1.0 < unspecifiedaffected
n/amuhammaraunspecified < 3.1.1affected
n/ahummus0 < unspecifiedaffected

Weaknesses

  • Denial of Service (DoS)

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

References