THREATINT

We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Fathom (Privacy friendly web analytics)
Zendesk (Helpdesk and Chat)

Ok

Home | EN
Support
CVE
PUBLISHED

CVE-2024-21521

Assignersnyk
Reserved2023-12-22
Published2024-07-10
Updated2024-07-10

Description

All versions of the package @discordjs/opus are vulnerable to Denial of Service (DoS) due to providing an input object with a property toString to several different functions. Exploiting this vulnerability could lead to a system crash.



HIGH: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P

Problem types

Denial of Service (DoS)

Credits

Alessio Della Libera

References

https://security.snyk.io/vuln/SNYK-JS-DISCORDJSOPUS-6370643

https://github.com/discordjs/opus/blob/814e500c2785c5207ace19650192629beba2728b/src/node-opus.cc%23L47

https://gist.github.com/dellalibera/98c48fd74bb240adbd7841a5c02aba9e

cve.org CVE-2024-21521

nvd.nist.gov CVE-2024-21521

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-21521
© Copyright 2024 THREATINT. Made in Cyprus with +