@discord.js/opus vulnerability in dependencies

npm audit report

semver <7.5.2
Severity: moderate
semver vulnerable to Regular Expression Denial of Service - https://github.com/advisories/GHSA-c2qf-rxjj-qqgw
fix available via npm audit fix --force
Will install @discordjs/[email protected], which is a breaking change
node_modules/make-dir/node_modules/semver
  make-dir 2.0.0 - 3.1.0
  Depends on vulnerable versions of semver
  node_modules/make-dir
    @discordjs/node-pre-gyp >=0.3.1
    Depends on vulnerable versions of make-dir
    node_modules/@discordjs/node-pre-gyp
      @discordjs/opus >=0.5.0
      Depends on vulnerable versions of @discordjs/node-pre-gyp
      node_modules/@discordjs/opus
        prism-media 1.2.9 - 1.3.5
        Depends on vulnerable versions of @discordjs/opus
        node_modules/prism-media
          @discordjs/voice >=0.2.0
          Depends on vulnerable versions of prism-media
          node_modules/@discordjs/voice

6 moderate severity vulnerabilities
GitHub
CVE-2022-25883 - GitHub Advisory Database
semver vulnerable to Regular Expression Denial of Service
d.js toolkit (2y ago)
• What's your exact discord.js (npm list discord.js) and node (node -v) version?
• Post the full error stack trace, not just the top part!
• Show your code!
• Explain what exactly your issue is.
• Not a discord.js issue? Check out #useful-servers.
cwchristerw (OP, 2y ago)
I use [email protected] and my node version is 18.16.1. No error stack trace available due to nature of this issue. My code is https://github.com/warengroup/eximiabots-radiox/tree/develop I need new release of @discordjs/node-pre-gyp and @discord.js/opus with their dependencies up-to-date.
duck (2y ago)
this vulnerability doesn't apply to how semver is used in node-pre-gyp
cwchristerw (OP, 17mo ago)
It's still good to update dependencies 😄
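
How the six findings in the report at the top of this thread reduce to a single advisory, as an added example that is not part of the original thread or of any project named in it. The `report` object is a constructed sample in the shape of `npm audit --json` output (npm 7 and later), and the function names are hypothetical.

```javascript
// Constructed sample shaped like `npm audit --json` output (npm 7+), mirroring
// the report in this thread. Only the fields read below are included.
const report = { vulnerabilities: {
  "semver": { range: "<7.5.2", effects: ["make-dir"], via: [{
    title: "semver vulnerable to Regular Expression Denial of Service",
    url: "https://github.com/advisories/GHSA-c2qf-rxjj-qqgw" }] },
  "make-dir": { via: ["semver"], effects: ["@discordjs/node-pre-gyp"] },
  "@discordjs/node-pre-gyp": { via: ["make-dir"], effects: ["@discordjs/opus"] },
  "@discordjs/opus": { via: ["@discordjs/node-pre-gyp"], effects: ["prism-media"] },
  "prism-media": { via: ["@discordjs/opus"], effects: ["@discordjs/voice"] },
  "@discordjs/voice": { via: ["prism-media"], effects: [] },
} };

// An entry whose `via` holds an object is named by an advisory itself; an entry
// whose `via` holds only package names is flagged because of a dependency.
function rootAdvisories(rep) {
  const roots = [];
  for (const [pkg, v] of Object.entries(rep.vulnerabilities)) {
    for (const via of v.via) {
      if (typeof via === "object") roots.push({ pkg, title: via.title, url: via.url });
    }
  }
  return roots;
}

// Follow `effects` edges from a flagged package up to the packages nothing
// else in the report depends on, returning every path found.
function chainsFrom(rep, pkg, path = []) {
  if (path.includes(pkg)) return [path]; // cycle guard
  const here = [...path, pkg];
  const effects = (rep.vulnerabilities[pkg] || {}).effects || [];
  if (effects.length === 0) return [here];
  return effects.flatMap((next) => chainsFrom(rep, next, here));
}

function summarize(rep) {
  const roots = rootAdvisories(rep);
  return {
    flaggedPackages: Object.keys(rep.vulnerabilities).length,
    distinctAdvisories: new Set(roots.map((r) => r.url)).size,
    chains: roots.flatMap((r) => chainsFrom(rep, r.pkg).map((c) => c.join(" > "))),
  };
}

console.log(summarize(report));
```

To run it on a real project, save the output of `npm audit --json` to a file and pass the parsed object to `summarize`.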