CVE-2024-7771: Unchecked Wavefile Resample
greprules fetch cve-2024-7771-unchecked-wavefile-resample --engine opengrep
Description
Calling `.toSampleRate()` on a `WaveFile` instance without first validating the underlying `.fmt.sampleRate` or `.data.samples` length can lead to Denial of Service (DoS) via memory exhaustion (OOM). An attacker can supply a malicious audio file with unusually low sample rates (e.g., 1 Hz). When resampled to higher rates, the resulting byte array expands exp
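One way to put the validation described above in front of the resample call, as an added example that is not part of the rule or of the wavefile project. The limit values and the names `LIMITS`, `projectedOutputBytes`, `safeToSampleRate` and `constructedWav` are assumptions; only `.fmt.sampleRate`, `.data.samples` and `.toSampleRate()` come from the description.

```javascript
// Added example: pre-flight guard for WaveFile.toSampleRate().
// LIMITS values and all function names here are assumptions, not wavefile API.
const LIMITS = {
  minSourceRate: 8000,              // reject headers claiming e.g. 1 Hz
  maxTargetRate: 48000,
  maxOutputBytes: 64 * 1024 * 1024, // cap on projected resampled data
};

// Estimate resampled size from header fields only; nothing is allocated.
// Output length grows with targetRate / sourceRate at a fixed bit depth.
function projectedOutputBytes(wav, targetRate) {
  return Math.ceil(wav.data.samples.length * (targetRate / wav.fmt.sampleRate));
}

// Validate .fmt.sampleRate and .data.samples length, then resample.
// Returns the projected size; throws RangeError before any resampling work.
function safeToSampleRate(wav, targetRate, limits = LIMITS) {
  const srcRate = wav?.fmt?.sampleRate;
  const length = wav?.data?.samples?.length;
  if (!Number.isInteger(srcRate) || srcRate < limits.minSourceRate) {
    throw new RangeError(`source sample rate rejected: ${srcRate}`);
  }
  if (!Number.isInteger(targetRate) || targetRate < 1 || targetRate > limits.maxTargetRate) {
    throw new RangeError(`target sample rate rejected: ${targetRate}`);
  }
  if (!Number.isInteger(length)) {
    throw new RangeError("sample data missing");
  }
  const projected = projectedOutputBytes(wav, targetRate);
  if (projected > limits.maxOutputBytes) {
    throw new RangeError(`projected output too large: ${projected} bytes`);
  }
  wav.toSampleRate(targetRate); // the call the rule flags, now behind checks
  return projected;
}

// Constructed stand-in with the same field shape as a parsed WaveFile,
// so the guard can be exercised without the wavefile package or real audio.
function constructedWav(sampleRate, byteLength) {
  return {
    fmt: { sampleRate },
    data: { samples: new Uint8Array(byteLength) },
    resampledTo: null,
    toSampleRate(rate) { this.resampledTo = rate; },
  };
}
```

Both checks run on header fields before any resampling, so a rejected file costs no allocation.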