Skip to main content

Opus

2 CVEs product

Monthly

CVE-2022-25345 npm HIGH POC PATCH This Week

All versions of package @discordjs/opus are vulnerable to Denial of Service (DoS) when trying to encode using an encoder with zero channels, or a non-initialized buffer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Opus
NVD GitHub
CVSS 3.1
7.5
EPSS
1.3%
CVE-2013-0899 MEDIUM This Month

Integer overflow in the padding implementation in the opus_packet_parse_impl function in src/opus_decoder.c in Opus before 1.0.2, as used in Google Chrome before 25.0.1364.97 on Windows and Linux and. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Google Denial Of Service Buffer Overflow Microsoft Integer Overflow +3
NVD
CVSS 2.0
5.0
EPSS
1.2%
EPSS 1% CVSS 7.5
HIGH POC PATCH This Week

All versions of package @discordjs/opus are vulnerable to Denial of Service (DoS) when trying to encode using an encoder with zero channels, or a non-initialized buffer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Opus
NVD GitHub
EPSS 1% CVSS 5.0
MEDIUM This Month

Integer overflow in the padding implementation in the opus_packet_parse_impl function in src/opus_decoder.c in Opus before 1.0.2, as used in Google Chrome before 25.0.1364.97 on Windows and Linux and. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Google Denial Of Service Buffer Overflow +5
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy