CVE-2022-25345: Use of Uninitialized Resource
(updated )
All versions of package @discordjs/opus is vulnerable to Denial of Service (DoS) when trying to encode using an encoder with zero channels, or a non-initialized buffer. This leads to a hard crash.
References
Detect and mitigate CVE-2022-25345 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →