GHSA-FRH3-6PV6-RC8J Bandit's unbounded WebSocket inflate causes BEAM OOM with a single frame

Summary When a Bandit-fronted server has explicitly enabled WebSocket permessage-deflate compress: true, an unauthenticated client can OOM the BEAM with a single 6 MiB WebSocket frame. Bandit's inflate step has no output-size cap, so a small high-ratio compressed frame e.g. zeros, 1024:1 ratio...

BitDefender (module pdf.xmd) Infinite Loop Denial of Service PoC

No description provided by source. Deny Of Service and infinite loop in BitDefender module pdf.xmd / ProTeuS @ cih.ms / tested on pdf.xmd BitDefender's pdf engine by Alexandru Matei 0.1,Oct 8 2008, CRC32=A393F805 and on pdf.xmd last update by the moment of publication Deny of service occurs durin...

Fwd: Deny Of Service and infinite loop in BitDefender (module pdf.xmd)

Deny Of Service and infinite loop in BitDefender module pdf.xmd / ProTeuS @ cih.ms / tested on pdf.xmd BitDefender's pdf engine by Alexandru Matei 0.1,Oct 8 2008, CRC32=A393F805 and on pdf.xmd last update by the moment of publication Deny of service occurs during parsing of included compressed...

BitDefender (module pdf.xmd) Infinite Loop Denial of Service PoC

Exploit for unknown platform in category dos / poc ================================================================ BitDefender module pdf.xmd Infinite Loop Denial of Service PoC ================================================================ Deny Of Service and infinite loop in BitDefender modu...