Djangoproject Daphne
2 CVEs affecting Djangoproject Daphne. Latest disclosed: 2026-06-03. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-44545 | Medium | 5.3 | 2026-06-03 | daphne before 4.2.2 did not pass maxFramePayloadSize or maxMessagePayloadSize to Autobahn's WebSocketServerFactory. Because Autobahn defaults both values to 0… |
CVE-2026-44546 | Low | 3.7 | 2026-06-03 | daphne before 4.2.2 reconstructs a raw HTTP request from Twisted's parsed headers and feeds it to autobahn for WebSocket handshake processing. Twisted does not… |