Unchecked Return Value to NULL Pointer Dereference
CVE-2022-25892
Summary
The package muhammara versions prior to 2.6.1, 3.x prior to 3.1.1 and hummus versions prior to 1.0.111 are vulnerable to Denial of Service (DoS) when supplied with a maliciously crafted PDF file to be parsed.
- LOW
- NETWORK
- NONE
- UNCHANGED
- NONE
- NONE
- NONE
- HIGH
CWE-690 - Unchecked Return Value to NULL Pointer Dereference
The product does not check for an error after calling a function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference.
Advisory Timeline
- Published