CVE-2022-41957

Name of the Vulnerable Software and Affected Versions muhammara versions prior to 2.6.2 muhammara versions 3.0.0 through 3.3.0 hummus (all versions)

Description The issue is related to a Denial of Service (DoS) condition that occurs when a maliciously crafted PDF file is parsed. The problem arises when the software is supplied with a specifically designed PDF file, leading to a denial of service. As a workaround, it is recommended not to process files from untrusted sources. If hummus is being used, it is advised to replace it with muhammara.

Recommendations For muhammara versions prior to 2.6.2, update to version 2.6.2 or later. For muhammara versions 3.0.0 through 3.3.0, update to version 3.4.0 or later. For hummus, replace the package with muhammara. As a temporary workaround, consider not processing files from untrusted sources until the issue is resolved.