@discordjs/opus is vulnerable to denial of service. An attacker is able cause an application crash via sending crafted requests through an encoder with zero channels, or a non-initialized buffer.
CPE | Name | Operator | Version |
---|---|---|---|
@discordjs/opus | le | 0.7.0 | |
@discordjs/opus | le | 0.7.0 |
github.com/advisories/GHSA-rvgf-69j7-xh78
github.com/discordjs/opus/blob/3ca4341ffdd81cf83cec57045e59e228e6017590/src/node-opus.cc#L28
github.com/discordjs/opus/blob/3ca4341ffdd81cf83cec57045e59e228e6017590/src/node-opus.cc%23L28
github.com/discordjs/opus/commit/406249f3fca484a2af97a34ceb989019efa09bc7
github.com/discordjs/opus/issues/131
github.com/discordjs/opus/pull/132