High severity7.5NVD Advisory· Published Jul 10, 2024· Updated Apr 15, 2026
CVE-2024-21521
CVE-2024-21521
Description
All versions of the package @discordjs/opus are vulnerable to Denial of Service (DoS) due to providing an input object with a property toString to several different functions. Exploiting this vulnerability could lead to a system crash.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
@discordjs/opusnpm | <= 0.9.0 | — |
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- github.com/advisories/GHSA-43wq-xrcm-3vgrghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2024-21521ghsaADVISORY
- gist.github.com/dellalibera/98c48fd74bb240adbd7841a5c02aba9envdWEB
- github.com/discordjs/opus/blob/814e500c2785c5207ace19650192629beba2728b/src/node-opus.ccghsaWEB
- security.snyk.io/vuln/SNYK-JS-DISCORDJSOPUS-6370643nvdWEB
- github.com/discordjs/opus/blob/814e500c2785c5207ace19650192629beba2728b/src/node-opus.cc%23L47nvd
News mentions
0No linked articles in our index yet.