We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-21521



Description

All versions of the package @discordjs/opus are vulnerable to Denial of Service (DoS) due to providing an input object with a property toString to several different functions. Exploiting this vulnerability could lead to a system crash.

Reserved 2023-12-22 | Published 2024-07-10 | Updated 2025-01-26 | Assigner snyk


HIGH: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P

Problem types

Denial of Service (DoS)

Credits

Alessio Della Libera

References

security.snyk.io/vuln/SNYK-JS-DISCORDJSOPUS-6370643

github.com/...07ace19650192629beba2728b/src/node-opus.cc#L47

gist.github.com/dellalibera/98c48fd74bb240adbd7841a5c02aba9e

cve.org (CVE-2024-21521)

nvd.nist.gov (CVE-2024-21521)

Download JSON

Share this page
https://cve.threatint.eu/CVE/CVE-2024-21521

Support options

Helpdesk Chat, Email, Knowledgebase