Vulnerability in Audify
CVE-2024-21522
All versions of the package audify are vulnerable to Improper Validation of Array Index when frameSize is provided to the new OpusDecoder().decode or new OpusDecoder().decodeFloat functions it is not checked for negative values. This can l…
EPSS: 0.006 (44.7th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.
Affected products
- N/a Audify — versions 0
Weakness classification (CWE)
Public proof-of-concept exploits
References
Frequently asked questions
- What is CVE-2024-21522?
- CVE-2024-21522 is a high-severity vulnerability in Audify, classified under Improper Validation of Array Index. CVSS score: 7.5/10. Published 2024-07-10.
- How severe is CVE-2024-21522?
- High severity. CVSS v3 base score is 7.5 out of 10.
- Is CVE-2024-21522 known to be exploited?
- 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.