Julian Hille

**Name of the Vulnerable Software and Affected Versions** muhammara versions prior to 2.6.0 hummus versions prior to 1.0.111 **Description** The issue allows for Denial of Service (DoS) when the `PDFStreamForResponse()` function is used with invalid data. **Recommendations** For muhammara versions prior to 2.6.0, update to version 2.6.0 or later. For hummus versions prior to 1.0.111, update to version 1.0.111 or later.

**Name of the Vulnerable Software and Affected Versions** muhammara versions prior to 2.6.1 muhammara versions 3.0.0 through 3.1.0 hummus versions prior to 1.0.111 **Description** The issue allows for Denial of Service (DoS) when a maliciously crafted PDF file is supplied to be parsed. **Recommendations** For muhammara versions prior to 2.6.1, update to version 2.6.1 or later. For muhammara versions 3.0.0 through 3.1.0, update to version 3.1.1 or later. For hummus versions prior to 1.0.111, update to version 1.0.111 or later. As a temporary workaround, do not process files from untrusted sources.