Unchecked Return Value to NULL Pointer Dereference
CVE-2022-25885
Summary
The package muhammara versions before 2.6.0 and hummus versions before 1.0.111 are vulnerable to Denial of Service (DoS) when "PDFStreamForResponse()" is used with invalid data.
- LOW
- NETWORK
- NONE
- UNCHANGED
- NONE
- NONE
- NONE
- HIGH
CWE-690 - Unchecked Return Value to NULL Pointer Dereference
The product does not check for an error after calling a function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference.
Advisory Timeline
- Published