@discordjs/opus@0.3.3 vulnerabilities

Opus bindings for Node

Direct Vulnerabilities

Known vulnerabilities in the @discordjs/opus package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • H
Denial of Service (DoS)

@discordjs/opus is a native bindings to libopus.

Affected versions of this package are vulnerable to Denial of Service (DoS) when trying to encode using an encoder with zero channels, or a non-initialized buffer. This leads to a hard crash.

How to fix Denial of Service (DoS)?

Upgrade @discordjs/opus to version 0.8.0 or higher.

<0.8.0