High severity7.5GHSA Advisory· Published Jul 10, 2024· Updated Apr 15, 2026
CVE-2024-21526
CVE-2024-21526
Description
All versions of the package speaker are vulnerable to Denial of Service (DoS) when providing unexpected input types to the channels property of the Speaker object makes it possible to reach an assert macro. Exploiting this vulnerability can lead to a process crash.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
speakernpm | <= 0.5.5 | — |
Affected products
2- Range: <= 0.5.5
Patches
Vulnerability mechanics
References
5- github.com/advisories/GHSA-w5fc-gj3h-26rxghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2024-21526ghsaADVISORY
- github.com/TooTallNate/node-speaker/blob/316afff5a393fce438cf7296011fcfc6e12aa9dc/src/binding.cghsaWEB
- security.snyk.io/vuln/SNYK-JS-SPEAKER-6370676nvdWEB
- github.com/TooTallNate/node-speaker/blob/316afff5a393fce438cf7296011fcfc6e12aa9dc/src/binding.c%23L48nvd
News mentions
0No linked articles in our index yet.