{"package":"hummus","ecosystem":"npm","latest_version":"1.0.118","description":"Create, read and modify PDF files and streams","license":"Apache-2.0","license_risk":"permissive","commercial_use_notes":"Permissive: commercial closed-source use OK; preserve the copyright notice.","homepage":"http://pdfhummus.com/","repository":"git://github.com/galkahana/HummusJS","downloads_weekly":4450,"health":{"score":58,"risk":"high","breakdown":{"maintenance":15,"popularity":6,"security":15,"maturity":15,"community":7},"deprecated":false,"max_score":100},"vulnerabilities":{"count":2,"critical":0,"high":2,"medium":0,"low":0,"details":[{"vuln_id":"CVE-2022-41957","severity":"high","summary":"muhammara and hummus vulnerable to Unchecked Return Value to NULL Pointer Dereference","affected_versions":">=3.0.0,<3.4.0|<2.6.2","fixed_version":"2.6.2","source":"osv","published_at":"2022-12-05T17:37:22Z","in_kev":false,"epss_prob":0.00348,"epss_percentile":0.57367,"threat_tier":"theoretical"},{"vuln_id":"CVE-2022-25885","severity":"high","summary":"muhammara and hummus vulnerable to null pointer dereference on bad response object","affected_versions":">=1.0.0,<1.0.111|<2.6.0","fixed_version":"2.6.0","source":"osv","published_at":"2022-11-01T12:00:30Z","in_kev":false,"epss_prob":0.00893,"epss_percentile":0.7565,"threat_tier":"theoretical"}],"actively_exploited_count":0,"likely_exploited_count":0},"versions":{"latest":"1.0.118","total_count":118,"recent":["1.0.99","1.0.100","1.0.101","1.0.102","1.0.103","1.0.104","1.0.105","1.0.106","1.0.107","1.0.108","1.0.109","1.0.110","1.0.111","1.0.112","1.0.113","1.0.114","1.0.115","1.0.116","1.0.117","1.0.118"]},"metadata":{"deprecated":false,"deprecated_message":null,"maintainers_count":1,"first_published":"2013-06-10T20:43:20.578Z","last_published":"2025-11-10T17:26:08.637Z","dependencies_count":1,"dependencies":["@mapbox/node-pre-gyp"]},"bundle":{"size_kb":188.3,"gzip_kb":50.7,"dependency_count":1,"has_js_module":false,"has_side_effects":true,"scoped":false,"source":"bundlephobia"},"typescript":{"score":10,"has_types":true,"types_source":"bundled","types_package":null},"known_issues":{"bugs_count":0,"bugs_severity":{},"status_breakdown":{},"link":null,"scope":"none"},"historical_compromise":null,"recommendation":{"action":"update_required","issues":["2 high severity vulnerabilities"],"use_version":"1.0.118","version_hint":"Update to >= 2.6.0 to fix known vulnerabilities","summary":"hummus@1.0.118 has vulnerabilities — update to latest"},"version_scoped":null,"requested_version":null,"_cache":"hit","_response_ms":0,"_powered_by":"depscope.dev — free package intelligence for AI agents","typosquat":{"is_suspected":false},"maintainer_trust":{"available":false},"malicious":{"is_malicious":false},"scorecard":{"available":false},"quality":{"available":false}}