npm package
@discordjs/opus
pkg:npm/%40discordjs/opus
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-21521 | Hig | 7.5 | <= 0.9.0 | — | Jul 10, 2024 | All versions of the package @discordjs/opus are vulnerable to Denial of Service (DoS) due to providing an input object with a property toString to several different functions. Exploiting this vulnerability could lead to a system crash. | |
| CVE-2022-25345 | — | < 0.8.0 | 0.8.0 | Jun 17, 2022 | All versions of package @discordjs/opus are vulnerable to Denial of Service (DoS) when trying to encode using an encoder with zero channels, or a non-initialized buffer. This leads to a hard crash. |
- affected <= 0.9.0
All versions of the package @discordjs/opus are vulnerable to Denial of Service (DoS) due to providing an input object with a property toString to several different functions. Exploiting this vulnerability could lead to a system crash.
- CVE-2022-25345Jun 17, 2022affected < 0.8.0fixed 0.8.0
All versions of package @discordjs/opus are vulnerable to Denial of Service (DoS) when trying to encode using an encoder with zero channels, or a non-initialized buffer. This leads to a hard crash.