hummus@1.0.29 vulnerabilities

Create, read and modify PDF files and streams

Direct Vulnerabilities

Known vulnerabilities in the hummus package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • H
Unchecked Return Value to NULL Pointer Dereference

Affected versions of this package are vulnerable to Unchecked Return Value to NULL Pointer Dereference. This can occur when supplying a maliciously crafted PDF file to be parsed.

NOTE: For users using the hummus package, it is required to replace the package with the muhammara package.

How to fix Unchecked Return Value to NULL Pointer Dereference?

There is no fixed version for hummus.

*
  • H
Denial of Service (DoS)

Affected versions of this package are vulnerable to Denial of Service (DoS) when supplying a maliciously crafted PDF file to be appended to another.

How to fix Denial of Service (DoS)?

Upgrade hummus to version 1.0.111 or higher.

<1.0.111
  • H
Denial of Service (DoS)

Affected versions of this package are vulnerable to Denial of Service (DoS) when supplied with a maliciously crafted PDF file to be parsed.

How to fix Denial of Service (DoS)?

Upgrade hummus to version 1.0.111 or higher.

<1.0.111
  • H
Denial of Service (DoS)

Affected versions of this package are vulnerable to Denial of Service (DoS) when PDFStreamForResponse() is used with invalid data.

How to fix Denial of Service (DoS)?

Upgrade hummus to version 1.0.111 or higher.

<1.0.111