Latest version (v1.11.0) is vulnerable to multiple DoS attacks
aler9 opened this issue · comments
Alessandro Ros commented
PR #43 made public a series of strings that allow to crash the demuxer. Releasing a new version as soon as possible is mandatory in order prevent DoS attacks on services that make use of this library.
Quentin Renard commented
FYI I've created a v1.12.0
tag 👍