All versions of the package audify are vulnerable to Improper Validation of Array Index when frameSize is provided to the new OpusDecoder().decode or new OpusDecoder().decodeFloat functions it is not checked for negative values. This can lead to a process crash.

Project Subscriptions

Vendors Products
Almoghamdani Subscribe
Advisories
Source ID Title
EUVD EUVD EUVD-2024-2289 All versions of the package audify are vulnerable to Improper Validation of Array Index when frameSize is provided to the new OpusDecoder().decode or new OpusDecoder().decodeFloat functions it is not checked for negative values. This can lead to a process crash.
Github GHSA Github GHSA GHSA-7vhm-fmph-7wxw audify vulnerable to Improper Validation of Array Index
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Sat, 04 Jul 2026 16:30:00 +0000

Type Values Removed Values Added
First Time appeared Almoghamdani
Almoghamdani audify
CPEs cpe:2.3:a:almoghamdani:audify:*:*:*:*:*:*:*:*
Vendors & Products Almoghamdani
Almoghamdani audify
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: snyk

Published:

Updated: 2026-07-04T15:25:05.084Z

Reserved: 2023-12-22T12:33:20.121Z

Link: CVE-2024-21522

cve-icon Vulnrichment

Updated: 2024-08-01T22:20:40.935Z

cve-icon NVD

Status : Deferred

Published: 2024-07-10T05:15:10.953

Modified: 2026-06-17T07:09:40.317

Link: CVE-2024-21522

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses