PT-2022-17585 · Hummus+1 · Hummus+1
Julian Hille
·
Published
2022-11-01
·
Updated
2022-11-01
·
CVE-2022-25885
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
muhammara versions prior to 2.6.0
hummus versions prior to 1.0.111
Description
The issue allows for Denial of Service (DoS) when the
PDFStreamForResponse() function is used with invalid data.Recommendations
For muhammara versions prior to 2.6.0, update to version 2.6.0 or later.
For hummus versions prior to 1.0.111, update to version 1.0.111 or later.
Exploit
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Hummus
Muhammara