Vulnerability Description
All versions of the package @discordjs/opus are vulnerable to Denial of Service (DoS) due to providing an input object with a property toString to several different functions. Exploiting this vulnerability could lead to a system crash.
CVSS Score
HIGH
Related Weaknesses (CWE)
References
- https://gist.github.com/dellalibera/98c48fd74bb240adbd7841a5c02aba9e
- https://github.com/discordjs/opus/blob/814e500c2785c5207ace19650192629beba2728b/
- https://security.snyk.io/vuln/SNYK-JS-DISCORDJSOPUS-6370643
- https://gist.github.com/dellalibera/98c48fd74bb240adbd7841a5c02aba9e
- https://github.com/discordjs/opus/blob/814e500c2785c5207ace19650192629beba2728b/
- https://security.snyk.io/vuln/SNYK-JS-DISCORDJSOPUS-6370643
FAQ
What is CVE-2024-21521?
CVE-2024-21521 is a vulnerability with a CVSS score of 7.5 (HIGH). All versions of the package @discordjs/opus are vulnerable to Denial of Service (DoS) due to providing an input object with a property toString to several different functions. Exploiting this vulnerab...
How severe is CVE-2024-21521?
CVE-2024-21521 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-21521?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.