All versions of the package audify are vulnerable to Improper Validation of Array Index when frameSize is provided to the new OpusDecoder().decode or new OpusDecoder().decodeFloat functions it is not checked for negative values. This can lead to a process crash.

Affected Packages

npm audify

Affected versions: 0 (last affected: 1.9.0)

Related CVEs

CVE-2024-21522

Key Information

GHSA ID

GHSA-7vhm-fmph-7wxw

Published

July 10, 2024 6:33 AM

Last Modified

July 10, 2024 8:43 PM

CVSS Score

7.5 /10

Primary Ecosystem

npm

Primary Package

audify

GitHub Reviewed

✓ Yes

Dataset

Last updated: June 15, 2025 6:24 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.