Known CVE vulnerabilities and GitHub Security Advisories affecting the npm package hummus, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (4)
CVE-2022-25885 — CVSS 7.5 (high): The package muhammara before 2.6.0; all versions of package hummus are vulnerable to Denial of Service (DoS) when PDFStreamForResponse() is…
CVE-2022-25892 — CVSS 7.5 (high): The package muhammara before 2.6.1, from 3.0.0 and before 3.1.1; all versions of package hummus are vulnerable to Denial of Service (DoS)…
CVE-2022-39381 — CVSS 7.5 (high): Muhammara is a node module with c/cpp bindings to modify PDF with js for node or electron (based/replacement on/of galkhana/hummusjs). The…
CVE-2022-41957 — CVSS 7.5 (high): Muhammara is a node module with c/cpp bindings to modify PDF with JavaScript for node or electron. The package muhammara before 2.6.2 and…