Parkhyunwoo

**Name of the Vulnerable Software and Affected Versions** daphne versions prior to 4.2.2 **Description** An unauthenticated remote attacker can cause excessive memory consumption and a denial of service by sending arbitrarily large WebSocket messages or frames. This occurs because `maxFramePayloadSize` and `maxMessagePayloadSize` are not passed to Autobahn's `WebSocketServerFactory` function, which defaults both values to 0, meaning they are unlimited. **Recommendations** Update to version 4.2.2 or later.