mikaela
mikaela copied to clipboard
opusv0.3.2: 1 vulnerabilities (highest severity is: 7.5)
Vulnerable Library - opusv0.3.2
Native opus bindings for node
Library home page: https://github.com/discordjs/opus.git
Vulnerable Source Files (1)
/MikaelaBot/node_modules/@discordjs/opus/src/node-opus.cc
Vulnerabilities
CVE | Severity | ![]() |
Dependency | Type | Fixed in (opusv0.3.2 version) | Remediation Available |
---|---|---|---|---|---|---|
CVE-2022-25345 | ![]() |
7.5 | opusv0.3.2 | Direct | N/A | ❌ |
Details
CVE-2022-25345
Vulnerable Library - opusv0.3.2
Native opus bindings for node
Library home page: https://github.com/discordjs/opus.git
Found in base branch: main
Vulnerable Source Files (1)
/MikaelaBot/node_modules/@discordjs/opus/src/node-opus.cc
Vulnerability Details
All versions of package @discordjs/opus are vulnerable to Denial of Service (DoS) when trying to encode using an encoder with zero channels, or a non-initialized buffer. This leads to a hard crash.
Publish Date: 2022-06-17
URL: CVE-2022-25345
CVSS 3 Score Details (7.5)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: None
- Integrity Impact: None
- Availability Impact: High
Step up your Open Source Security Game with Mend here