Lucene search
K

18 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-6154

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.01274EPSS
Exploits1References7
RedhatCVE
RedhatCVE
added 2025/02/05 11:7 a.m.16 views

CVE-2024-21521

All versions of the package @discordjs/opus are vulnerable to Denial of Service DoS due to providing an input object with a property toString to several different functions. Exploiting this vulnerability could lead to a system crash...

7.5CVSS6.6AI score0.00597EPSS
Exploits0References1
OSV
OSV
added 2024/07/10 6:33 a.m.11 views

GHSA-43WQ-XRCM-3VGR @discordjs/opus vulnerable to Denial of Service

All versions of the package @discordjs/opus are vulnerable to Denial of Service DoS due to providing an input object with a property toString to several different functions. Exploiting this vulnerability could lead to a process crash...

8.7CVSS7.4AI score0.00597EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2024/07/10 6:33 a.m.44 views

@discordjs/opus vulnerable to Denial of Service

All versions of the package @discordjs/opus are vulnerable to Denial of Service DoS due to providing an input object with a property toString to several different functions. Exploiting this vulnerability could lead to a process crash...

7.5CVSS7.5AI score0.00597EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2024/07/10 5:15 a.m.4 views

CVE-2024-21521

All versions of the package @discordjs/opus are vulnerable to Denial of Service DoS due to providing an input object with a property toString to several different functions. Exploiting this vulnerability could lead to a system crash...

7.5CVSS5.8AI score
Exploits0References3
NVD
NVD
added 2024/07/10 5:15 a.m.17 views

CVE-2024-21521

All versions of the package @discordjs/opus are vulnerable to Denial of Service DoS due to providing an input object with a property toString to several different functions. Exploiting this vulnerability could lead to a system crash...

7.5CVSS0.00597EPSS
Exploits0References3
CVE
CVE
added 2024/07/10 5:0 a.m.55 views

CVE-2024-21521

CVE-2024-21521 affects the @discordjs/opus package (native bindings to libopus). The vulnerability arises when an input object with a toString property is passed to several functions, potentially causing a system crash (DoS). If exploiting details are provided, they would be consistent with a Den...

7.5CVSS7AI score0.00597EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/07/10 5:0 a.m.15 views

CVE-2024-21521

All versions of the package @discordjs/opus are vulnerable to Denial of Service DoS due to providing an input object with a property toString to several different functions. Exploiting this vulnerability could lead to a system crash...

7.5CVSS6.8AI score0.00597EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/07/10 5:0 a.m.14 views

CVE-2024-21521

All versions of the package @discordjs/opus are vulnerable to Denial of Service DoS due to providing an input object with a property toString to several different functions. Exploiting this vulnerability could lead to a system crash...

7.5CVSS0.00597EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/07/10 12:0 a.m.6 views

PT-2024-18935 · Unknown · @Discordjs/Opus

Name of the Vulnerable Software and Affected Versions: @discordjs/opus versions all Description: The issue is related to a Denial of Service DoS condition that can occur when an input object with a toString property is provided to several different functions. This can lead to a system or process...

8.7CVSS6.6AI score0.00597EPSS
Exploits0References11
OSV
OSV
added 2022/06/18 12:0 a.m.91 views

GHSA-RVGF-69J7-XH78 Uncontrolled Resource Consumption in @discordjs/opus

Improperly handled errors in @discordjs/opus cause hard crashes instead of returning the error to user land. All versions of package @discordjs/opus = 0.7.0 are vulnerable to Denial of Service DoS when trying to encode using an encoder with zero channels, or a non-initialized buffer. This leads t...

7.5CVSS7.4AI score0.01274EPSS
Exploits1References6
Github Security Blog
Github Security Blog
added 2022/06/18 12:0 a.m.48 views

Uncontrolled Resource Consumption in @discordjs/opus

Improperly handled errors in @discordjs/opus cause hard crashes instead of returning the error to user land. All versions of package @discordjs/opus = 0.7.0 are vulnerable to Denial of Service DoS when trying to encode using an encoder with zero channels, or a non-initialized buffer. This leads t...

7.5CVSS7.1AI score0.01274EPSS
Exploits1References6Affected Software1
OSV
OSV
added 2022/06/17 8:15 p.m.18 views

CVE-2022-25345

All versions of package @discordjs/opus are vulnerable to Denial of Service DoS when trying to encode using an encoder with zero channels, or a non-initialized buffer. This leads to a hard crash...

7.5CVSS7.5AI score
Exploits0References4
OSV
OSV
added 2022/06/17 8:15 p.m.2 views

ALPINE-CVE-2022-25345

All versions of package @discordjs/opus are vulnerable to Denial of Service DoS when trying to encode using an encoder with zero channels, or a non-initialized buffer. This leads to a hard crash...

7.5CVSS6.9AI score0.01274EPSS
Exploits1References1
CVE
CVE
added 2022/06/17 8:0 p.m.204 views

CVE-2022-25345

CVE-2022-25345 affects the npm package @discordjs/opus. The root cause is improper error handling when encoding with an encoder that has zero channels or a non-initialized buffer, causing a Denial of Service via a hard crash. Exploitation details are not provided in the documents. Mitigation note...

7.5CVSS7.4AI score0.01274EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/06/17 8:0 p.m.5 views

CVE-2022-25345

All versions of package @discordjs/opus are vulnerable to Denial of Service DoS when trying to encode using an encoder with zero channels, or a non-initialized buffer. This leads to a hard crash...

7.5CVSS7AI score0.01274EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/06/17 12:0 a.m.3 views

@discordjs/opus 安全漏洞

@discordjs/opus is an open source native binding of discord.js to libopus v1.3. A security vulnerability exists in @discordjs/opus that stems from the vulnerability of this package to denial-of-service DoS attacks when attempting to encode with an encoder that has a zero-channel or an uninitializ...

7.5CVSS7.2AI score0.01274EPSS
Exploits1References3
Snyk
Snyk
added 2022/02/16 1:10 p.m.5 views

Denial of Service (DoS)

Overview @discordjs/opus is a native bindings to libopus. Affected versions of this package are vulnerable to Denial of Service DoS when trying to encode using an encoder with zero channels, or a non-initialized buffer. This leads to a hard crash. PoC // Zero channels: javascript const OpusEncode...

7.5CVSS6.9AI score0.01274EPSS
Exploits1References2
Rows per page
Query Builder