All versions of the package speaker are vulnerable to Denial of Service (DoS) when providing unexpected input types to the channels property of the Speaker object makes it possible to reach an assert macro. Exploiting this vulnerability can lead to a process crash.
References
Configurations
No configuration.
History
21 Nov 2024, 08:54
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/TooTallNate/node-speaker/blob/316afff5a393fce438cf7296011fcfc6e12aa9dc/src/binding.c%23L48 - | |
References | () https://security.snyk.io/vuln/SNYK-JS-SPEAKER-6370676 - |
11 Jul 2024, 15:05
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-241 |
11 Jul 2024, 13:05
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
10 Jul 2024, 05:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-07-10 05:15
Updated : 2024-11-21 08:54
NVD link : CVE-2024-21526
Mitre link : CVE-2024-21526
CVE.ORG link : CVE-2024-21526
JSON object : View
Products Affected
No product.