Skip to main content

Unchecked Return Value to NULL Pointer Dereference

CVE-2022-25892

Severity High
Score 7.5/10

Summary

The package muhammara versions prior to 2.6.1, 3.x prior to 3.1.1 and hummus versions prior to 1.0.111 are vulnerable to Denial of Service (DoS) when supplied with a maliciously crafted PDF file to be parsed.

  • LOW
  • NETWORK
  • NONE
  • UNCHANGED
  • NONE
  • NONE
  • NONE
  • HIGH

CWE-690 - Unchecked Return Value to NULL Pointer Dereference

The product does not check for an error after calling a function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference.

Advisory Timeline

  • Published